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On  tap  at  RSA 

Proliferating  malware,  security  in  the  cloud  and 
government  oversight  are  just  a  few  topics  to  be 
addressed  at  this  week’s  RSA  Conference.  Page  12. 


■  Clear  Choice  Test:  3Com  switch 

New  core  switch  offers  a  fast,  green 
alternative  to  Cisco.  Page  26. 
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H-1B  lottery? 
No  need 


Maximize  your  return  on  IT  ■  www.networkworld.com 
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Petitions  for  new 
H-1B  visas  have 
dropped  off  dramati¬ 
cally  as  the  economic 
recession  continues 
to  threaten  U.S.  jobs 
and  shrink  the 
demand  for  foreign 
talent.  Page  10. 


Can  Skype  change 
the  world? 

Free  from  eBay's  con¬ 
straints,  Skype  could 
come  into  its  own. 

Page  12. 


Virtualization  blitz 

A  new  Symmetrix 
array  from  EMC  and 
anticipated  hypervi¬ 
sor  from  VMware  are 
aimed  at  enterprises 
with  mass  virtualiza¬ 
tion  plans.  Page  14. 
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Carriers  to 
agencies: 
Show  us 
the  money 

BY  CAROLYN  DUFFY  MARSAN 

Two  years  ago,  the  U.S.  General  Ser¬ 
vices  Administration  awarded  a  10- 
year,  $20  billion  program  called  Net- 
worx  that  was  touted  as  the  world’s 
largest-ever  telecom  deal. 

But  with  federal  agencies  spending 
only  a  fraction  of  the  projected  dol¬ 
lars  on  Networx  so  far,  carriers  are 
asking:  Where  is  the  money? 

GSA  designed  Networx  as  a  soup- 
to-nuts  telecom  deal,  providing 
domestic  and  international  voice, 
data,  video  and  wireless  services  to 
all  federal  agencies.  GSA  awarded 
Networx  contracts  in  spring  2007  to 
AT&T,  Verizon  Business,  Qwest  Com¬ 
munications,  Sprint  Nextel  and  Level 
3  Communications. 

When  Networx  was  awarded, 
See  Networx,  page  18 


Exchange  2010  beta 
shows  great  promise 

Administrators  and  users  gain  new  capabilities 


BY  JOEL  SNYDER,  NETWORK  WORLD 
LAB  ALLIANCE 

Microsoft  gave  us  a  10-day  head  start  to 
test  the  first  public  beta  of  Exchange 
10  before  it  officially  hit 
the  streets  last  week,  and 
we  came  away  impressed. 

Microsoft  has  packed  im¬ 
provements  into  every 
corner  of  this  new  product. 

We  didn’t  get  to  fully  test  each  and 
every  new  feature  —  the  list  is  eight 
pages  long.  But  we  can  say  that  there’s 
plenty  for  both  email  administrators  and 
users  to  like  in  this  upgrade. For  users, 
especially  those  making  heavy  use  of 
Webmail  and  distribution  lists,  Exchange 
2010  provides  a  better  user  interface  and 
expanded  capabilities,  including  self-ser¬ 
vice  management  of  many  Exchange 
features. 

If  you  are  thinking  of  upgrading  to  Ex¬ 


change  2007  but  haven’t  done  so,  the 
new  user  features  in  Exchange  2010  may 
make  the  six-month  wait  for  the  shipping 
product  worthwhile. 

The  self-service  features 
are  another  reason  to  con¬ 
sider  delaying  an  upgrade. 
On  the  other  hand,  if  you 
don’t  see  VoIP  features, 
Webmail  or  mobile  device 
access  as  huge  user  driven  factors  in 
your  e-mail  deployment,  Exchange  2010 
won’t  be  that  much  of  a  change  from  Ex¬ 
change  2007. 

For  administrators,  we  found  powerful 
new  features  in  the  areas  of  high  avail¬ 
ability  and  scalability  that  build  on  Ex¬ 
change  2007,  yet  simplify  the  task  of  im¬ 
plementing  large  Exchange  networks.  In 
Exchange  2010,  Microsoft  is  extending 
the  administration  and  management 
See  Exchange,  page  16 
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coming  to  a  city  near 
youlThe  event  fea¬ 
tures  10  IT  tracks; 
vendor  expo;  peer 
case  studies. 
Register  at: 
www.nwdocfinder. 
com/8728 


Bob  Metcalfe  came  up  with 
the  idea  for  Ethernet  in  1973. 


RIDGE  TO  TERABIT  ETHERNET 

)/100Gigabit  Ethernet  products  to  ship  by  year-end; 
tlrabit|spe#ds  ^ntigipated  by  2015.  Page  P * 
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With  Microsoft  Virtualization,  you  can  dramatically  cut  costs  by  cons* 
servers,  reducing  power  consumption,  and  accelerating  application  d 
Microsoft's  server  virtualization  solution  is  approximately  one-third  the 
cost  of  a  comparable  solution  from  VMware.  Now  you  can  virtualize 
breaking  the  bank.  Explore  the  virtual  at  microsoft.com/virtualization 


Microsoft 


Virtualization 


Based  on  a  comparison  of  Windows  Server®  2008  Enterprise  with  Hyper-V’“  and  Microsoft®  System  Center  Server  Management  Suite  Enterprise  with  VMware’s  VMware  Infrastructure 
Enterprise  with  VMware  vCenter  Server.  Includes  two  years'  support  costs  for  both.  Based  on  Microsoft  estimated  retail  prices  and  published  VMware  prices  available  at 
https://www.vmware.com/vmwarestore  as  of  02/04/2009.  Actual  reseller  prices  may  vary. 
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the  mob . .  %  Jj  w, 

A  study  from  Wrizon' 
Business  claims  that  orga¬ 
nized  crime  is  responsible  for 
a  large  increase  in  the  number 
of  breached  corporate  elec¬ 
tronic  records,  which  totaled 
roughly  285  million  last  year.  According 
to  the  study,  which  Verizon  Business 
compiled  using  data  from  the  90  con¬ 
firmed  corporate  network  breaches  it 
recorded  last  year,  93%  of  all  records 
breached  came  from  the  financial  sec- 
tor.The  company  also  says  that  nine  out 
every  10  of  these  breaches  involved 
“groups  identified  by  law  enforcement 
as  engaged  in  organized  crime” 
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Network  start-ups  rolling 
in  venture  funding 

Well,  OK,  that’s  probably  getting  car¬ 
ried  away.  But  four  network  start-ups 

—  ExtraHop  Networks  (performance 
management),  Reflex  Systems  (virtual 
systems  management  and  security), 
Reva  Systems  (RFID  management)  and 
StoredlQ  (eDiscovery  and  information 
management) 

—  grabbed  a 
combined 
$25  million 
in  venture 
fundm© 
last  we' 


Ex-Qwest  CEO  behind  bars 
The  outspoken  former  head  of  Qwest, 
who  executed  a  bold  merger  between 
the  broadband  service  provider  and  a 
local  telephone  company,  last  week 
reported  to  prison  at  the  Schuylkill 
Satellite  Camp  in  Minersville,  Pa. 

Joseph  Nacchio’s  last-ditch  attempt  to 
avoid  jail  failed  when  U.S.  Supreme 
Court  Justice  Stephen  Breyer  denied 
his  application  for  bail  and  a  temporary 
stay.That  means  he’ll  await  his  appeal 
from  prison.  It’s  barely  a  year  since  a 
jury  found  Nacchio  guilty  of  19  counts  of 
insider  trading  and  sentenced  him  to  six 
years  in  prison.They  found  that  while  he 
was  publicly  forecasting  strong  growth 
for  Qwest  as  CEO  in  2001,  he  was  sell¬ 
ing  off  his  own  stock  in  the  company 
because  he  knew  it  was  struggling. 
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12  How  the  Skype  spinoff  could  change 
the  market. 

TECH  UPDATE _ 

20  Onshoring  has  its  benefits. 

22  Mark  Gibbs:  AnalyzingTwitter  with 
Excel,  Part  3. 

22  Keith  Shaw:  Sharing  USB  devices 
easily. 
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NETWORK  INFRASTRUCTURE 


10  H-1B  demand  falls  sharply. 

10  ING  examines  cloud  computing. 

12  RSA  kicks  off  on  somber  note. 

14  EMC,  VMware  scale  up  data  center. 

34  Opinion  BackSpin:  Less  freedom  in 
the  new  digital  world? 

APPLICATION  SERVICES 

34  Opinion  ‘Net  Buzz:  Fact-checking 
the  fact-checkers:  Snopes.com  gets  “A.” 


■  The  USB  Net  ShareStation  lets  you 
connect  your  home  router  or  switch  to 
as  many  as  four  USB-enabled  devices. 
See  Cool  Tools,  page  22. 
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to  ship  by  year- 
end;  terabit  speeds 
anticipated  by  2015. 

Page  24 

Bob  Metcalfe  came  up  with 
the  idea  for  Ethernet  in  1973. 
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Buy  America  ...  or  bye 
America? 

Re:  Cisco  against  Buy  America  provisions  of 
the  $7.2B  broadband  stimulus  fund  (www.nw 
docfinder.com/9635): 

In  the  case  of  electronics  and  electronic 
components,  there  are  many  that  are  no 
longer  made  in  America.  Offshore  compa¬ 
nies  already  have  exclusive  manufacturing 
of  several  basic  components  and  several 
assemblies.  I  don’t  think  we  could  build  tele¬ 
com  products  exclusively  from  Made  In 
America  parts  if  we  wanted  to.  And  to  try  to 
come  back  up  to  speed  and  quality  would 
be  very  expensive.  It  would  be  nice  if  we 
could,  but  that  ship  has  left. 

Anon 

It  doesn't  take  a  genius  to  figure  out  that 
large  corporations  like  Cisco  are  no  longer 
“American”  institutions,  regardless  of  where 
their  headquarters  are.  The  first  30  years  of 
unrestrained  greed  and  avarice  has  produced 
a  class  of  senior  management  that  is  treaso¬ 
nous  in  their  pursuit  of  profit  at  any  cost.They 
hold  no  allegiance  to  any  nation,  including 
ours. 

Jaded  Republican 

No  stopping  Microsoft 
netbooks 

Re:  Microsoft  eating  up  U.S.  and  global  net- 
book  markets  (www.nwdocfinder.com/9636): 

Although  Microsoft  will  need  to  adjust  to  the 
lower  per-machine  revenues  it  derives  from 
netbook  sales,  one  fact  is  clear:  If  these 
machines  continue  growing  as  they  have 
been,  the  company  will  be  able  to  make  it  up 
in  volume.  According  to  NPD,  Windows  now 
accounts  for  over  96%  of  all  netbooks  sold  in 
the  United  States,  meaning  that  it’s  pretty  much 
kicked  Linux  right  out  of  the  market.  And 
worldwide,  Windows  already  owned  76%  of 
the  netbook  market  by  the  end  of  2008,  and 
that  figure  is  rising  month  by  month.  Accor¬ 
ding  to  IDC,  Linux  preinstallations  on  net- 
books  will  account  for  just  single-digit  market 
share  by  the  end  of  this  year.  Game  over?  Yeah, 
I  think  so. 

Anon 


Trusting  the  source  is  an 
age-old  issue 

Re:The  wild,  wild  Web:  Whom  can  you  trust? 
(www.nwdocfinder.com/9637): 

The  Web  hasn’t  changed  anything  except 
given  more  choices.  It’s  same  as  with  papers, 
books,  rumors,  stories,  tales,  political  speeches, 
religious  messages,  whatever  —  each  has  its 
own  agenda  and  it  is  up  to  us  (our  own 
brains)  to  filter  what  we  want  and  can  believe 
or  what  is  pure  trash  fed  to  us.  Anyone  believe 
marketing  and  advertising  any  more?  Your  his¬ 
tory  books  —  their  history  books?  Their  view 
of  the  world  or  yours? 

tuomoks 

Internet  evolving,  not  dying 

Re:  Is  the  Internet  doomed  to  fail? 
(www.nwdocfinder.com/9638): 

I  agree  that  “the  current  state”  of  the  Internet 
will  be  different  tomorrow  and  if  we  declare 
every  variation  of  what  the  Internet  looked 
like  in  the  past  as  being  dead  then  I  would 
urge  that  the  Internet  already  died  and  will  do 
so  every  day  into  the  future  as  a  new  one 
emerges. 

The  language,  or  protocols,  of  the  Internet 
will  continually  change  and  the  infrastructure 
that  drives  it  will  change  along  with  its  owners 
and  the  cost  and  economics  for  access  with 
change  along  with  it.  The  Internet  has  gone 
from  a  generic  name  for  the  interconnection 
of  a  bunch  of  defense  and  research  networks 
into  really  the  concept  of  an  interconnected 
global  economy 

The  success  of  the  Internet  has  been  due  to 
its  ubiquity  and  its  ability  to  change  with  the 
times.  It  is  only  fitting  that  in  the  year  of 
Darwin’s  200th  anniversary  that  we  have  the 
ability  to  watch  the  evolution  of  an  organism 
(the  Internet)  that  isn’t  even  biological  before 
our  eyes.  This  is  the  Internet’s  strength,  not 
weakness. 

Viper 

E-mail  letters  to  jdix@nww.com  or  send  them 
to  John  Dix,  editor  in  chief,  Network  World,  492 
Old  Connecticut  Path,  Framingham,  MA  01 701- 
9002.  Please  include  phone  number  and  address 
for  verification 


One-day  IT  event  coming  to  a  city 
near  you! 

10-ITTracks;  Vendor  Expo;  Peer 
case-studies 


Feature  sessions  include:  Security;  WAN  services;  Network  management; 
Virtualization;  Data  centers;  SaaS;  Green  IT;  UC;  VoIP;  Mobility;  Application  delivery 

10  cities  in  2009 


ITR  visits  Chicago, Boston  and  Atlanta  in  2009 
Register  and  qualify  to  attend  free 

www.nwdocfinder.com/9433 
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Free  trialware  download  at  CDW.com/endpoint 

Symantec™  Endpoint  Protection  11.0 


SonicWALL®  Network  Security 
Appliance  2400 


WatchGuard®  Firebox®  Core 
X550e  UTM  Bundle 


•  Combines  Symantec  AntiVirus™  with  advanced  threat 
prevention  in  a  single  agent,  delivering  defense  against 
malware  for  notebooks,  desktops  and  servers 

•  Seamlessly  integrates  essential  security  technologies 
in  a  single  agent  that  is  administered  via  a  single 
management  console,  increasing  protection  and 
helping  lower  total  cost  of  ownership 


•  Patented  reassembly-free  deep  packet  inspection 
technology 

•  Fully  integrated  deep  packet  inspection  firewall, 
including  gateway  antivirus,  antispyware,  intrusion 
prevention,  and  application  firewall  for  perimeter 
and  internal  protection 

•  Application  firewall  feature-set  for  application 
inspection  and  control 

•  Automated  and  dynamic  security  updates 


Coordinates  multiple  internal  defense  layers  to 
enhance  protection  and  efficiency 
Intuitive  management  interface  provides  flexible 
networking  features  and  functionality  for  ease  of 
administration 

Bundle  includes  application  proxy  firewallA/PN 
appliance,  one  year  of  Gateway  Antivirus/Intrusion 
Prevention  with  antispyware,  spamBlocker, 
WebBlocker  and  extended  hardware  warranty, 
threat  alerts  and  technical  support 


100-249  user  license  with  1-year  Essential  Support1 
$32.99  CDW 1314200 


$1619" 


VwatchGuard 


CDW  1464508 


CDW  973448 


We're  there  with  the  security  solutions  you  need. 

Security  threats  won't  get  on  your  network  if  they  can't  get  to  the  network.  That's  why  gateway  security  is 
so  important.  CDW  has  a  wide  selection  of  top-name  firewall  protection,  antivirus,  antispyware,  intrusion 
prevention  and  more.  Our  personal  account  managers  along  with  our  highly  trained  technology  specialists 
have  the  expertise  you  need  to  ensure  your  network  is  fortified  and  secure.  So  call  CDW  today.  And  eliminate 
threats  before  they  even  become  threats. 

CDW.com  800.399.4CDW 


The  Right  Technology.  Right  Away 


Essential  Support  includes  24x7  technical  phone  support  and  upgrade  insurance;  call  your  CDW  account  manager  for  details.  Offer  subject  to  CDW’s  standard 
terms  and  conditions  of  sale,  availableatCDW.com.  ©2009  CDW  Corporation  .  . 
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■  Cisco  may  experience  near-term 
delays  with  MDS  storage  switch 
refresh.  Cisco  Subnet  blogger  Brad  Reese 
cites  a  research  note  that  says  Cisco  might 
see  some  delays,  which  could  provide 
Brocade  with  an  incremental  share  gain.  The 
report  says:  “Near-term  demand  remains 
solid  for  Brocade  with  positive  trends  with 
key  OEM  partners  despite  the  uncertain 
macro  as  storage  continues  to  rank  high  in 
terms  of  IT  spend.  Our  recent  dialogue  with 
storage  vendors  indicates  Brocade’s  strong 
Fibre  Channel  OEM  ties  and,  if  anything, 
Cisco’s  aggressive  push  into  the  data  center 
may  be  the  catalyst  for  IBM  and  HPQ  to 
strengthen  their  respective  Ethernet  connec¬ 
tions  with  Brocade  as  well.  So  while  Brocade 
may  lose  some  share  with  EMC  much  longer 
term  as  Cisco  gains  traction  with  its  Unified 
Computing  Platform,  we  think  the  company 
may  more  than  make  it  up  on  the  Ethernet 
switch  side."  www.nwdocfinder.com/9632 

■  Hard  times  in  PC  land.  Craig  Mathias  in 
his  NearPoints  blog  examined  Intel’s  earn¬ 
ing  report  disclosed  last  week.  Intel's  Paul 
Otellini  says  in  Intel’s  release:  "We  believe 
PC  sales  bottomed  out  during  the  first 
quarter  and  that  the  industry  is  returning  to 
normal  seasonal  patterns".  Given  the  econ¬ 
omy  and  Vista  together,  it’s  easy  to  see  how 
seasonal  patterns  might  return,  but  only  at  a 
far  lower  level  of  sales.  Intel's  margins  are 
deteriorating,  and  they  really  can’t  handle  a 
lower  sales  volume  for  long  without  urn,  tak¬ 
ing  some  action.  Intel  is  not  really  to  blame 
for  this  state  of  affairs  —  Microsoft  is.  Vista 
is  an  abject  failure.  Let's  face  it,  no  one  real¬ 
ly  cares  if  their  processor  is  made  by  Intel, 
AMD,  or  Matsumura  Fishworks  and 
Tamaribuchi  Heavy  Manufacturing  Concern. 
What  customers  really  buy  are  applications. 
www.nwdocfinder.com/9633 

■  Why  is  Google’s  Schmidt  still  on 
Apple’s  board?  The  Google  Subnet 
reviews  that  question  asked  by  CNBC  ana¬ 
lyst  Jim  Goldman  in  a  report  on  Google’s 
upcoming  earnings  call.  Isn’t  there  some¬ 
thing  about  conflict  of  interest  and  not  hav¬ 
ing  the  CEO  of  a  strong,  direct  competitor 
on  your  board?  We’ve  already  seen  the  soft 
underbelly  of  the  Schmidt-Apple  relation¬ 
ship  come  to  light,  when  Google  caved  to 
Apple  and  voluntary  dropped  the  iPhone's 
signature  multitouch  capability  from  the  G1. 
And  Goldman  points  out  that  the  Google- 
Apple  relationship  is  only  set  to  get  more 
tangled,  now  that  several  vendors  are  con¬ 
sidering  using  Google’s  Android  as  their 
netbook  OS  of  choice. 
www.nwdocfinder.com/9634 


Exploring  server 
virtualization 

In  Part  2  of  our  series 
on  server  virtualization, 
Tom  Henderson  digs 
deeper  into  the  con¬ 
cepts  and  strategies 
around  this  technology. 

www.nwdocfinder.com/9624 


Control  a  PC  via 
clapping 

New  software  that  uses 
onset  detection  and 
pattern  recognition  can 
tell  the  difference 
between  different  clap¬ 
ping  sounds. 
www.nwdocfinder.com/9625 


Sun  discusses 
Nehalem  servers, 
IBM  rumors 

Sun  launched  new 
servers  last  week 
based  on  Intel's 
Nehalem  microarchi¬ 
tecture. 

www.nwdocfinder.com/9626 
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Managing  IP  addresses  with 
free  tools 


Network  management:  Few  people  would 
argue  the  importance  of  IP  addresses  to  net¬ 
work  operations,  but  many  don't  make  man¬ 
aging  them  a  priority  in  their  environment, 
especially  in  tough  economic  times.  Recent 
research  from  BT  showed  that  more  network 
managers  are  moving  away  from  spread¬ 
sheets  and  investing  in  automation  and  other 
tools  to  manage  IP  addresses.  Still  many 
couldn't  get  an  IP  address  management  pro¬ 
ject  pushed  through  the  budget  process  for 
various  reasons.  Some  reasons  pointed  to 
other  projects  taking  a  higher  priority  and  oth¬ 
ers  simply  thought  their  network  was  too 
small  to  justify  the  investment.  But  many  work¬ 
ing  in  network  operations  today  believe  man¬ 
aging  IP  addresses  is  too  critical  a  project  to 
fall  victim  to  budget  crunches. 
www.nwdocfinder.com/9627 

Tech  exec:  For  a  number  of  years,  I've 
worked  with  various  technology  companies 
and  organizations  to  help  them  develop  and 
promote  their  certification  programs.  I 
thought  I'd  share  some  of  my  insider  knowl¬ 
edge  about  how  to  get  the  most  out  of  your 
IT  certifications.  Let's  call  this  “Linda's  List  of 
Best  Practices  to  Benefitting  from  IT 


Certifications.”  I’ll  start  by  defining  what  I 
mean  by  “certification.”  In  the  IT  industry, 
there  are  numerous  organizations  (e.g., 
CompTIA.SANS  Institute,  SNIA)  and  vendors 
(e.g.,  Cisco,  Microsoft,  HP  Red  Hat)  that  have 
formal  programs  that  validate  the  knowledge 
and  skills  of  an  IT  professional. The  person 
who  goes  through  this  validation  process  — 
usually  one  or  more  written  or  hands-on 
tests  —  attains  a  “certification”  or  “credential.” 
Some  credentials  are  easy  to  earn;  others 
take  many  months  or  even  years  of  training, 
hands-on  experience,  book  study  and  other 
preparation.  Regardless  of  the  type  of  certifi¬ 
cation  you  choose  to  earn,  there  are  a  few 
simple  things  you  can  do  to  maximize  the 
value  you  get  out  of  your  certification.  If  you 
don’t  already  possess  a  credential,  take  the 
steps  to  attain  one.  When  you  are  competing 
for  a  new  job,  contract  work,  or  even  a  posi¬ 
tion  within  your  company,  the  certification 
can  be  the  differentiator  between  you  and 
another  candidate.  Hiring  managers  often 
state  that  a  certain  certification  is  required  or 
at  least  preferred  for  an  open  position. This  is 
especially  true  if  you  want  to  be  hired  by  a 
value-added  reseller  or  consultancy. 
www.nwdocflnder.com/9627 
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Give  your  company  the  flexibility  to 
adapt  to  any  business  environment. 


Converged  Solutions  from  Sprint  uses  a  flexible  IP  core  for  your  company’s  voice,  video  and  data 
communications.  With  technology  like  Wireless  Integration,  your  mobile  has  all  the  functions 
of  your  desk  phone.  So  you  and  your  workforce  can  adapt  to  just  about  every  situation  you  find 
yourself  in.  Get  it  on  the  Now  Network .™ 
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Researcher  offers  tool  to 
hide  malware  in  .Net 

A  computer  security  researcher  has  released  an  upgraded  tool  that  can  simpli¬ 
fy  the  placement  of  difficult-to-detect  malicious  software  in  Microsoft’s  .Net 
framework  on  Windows  computers.  The  tool,  called  .Net-Sploit  1.0,  allows  a 
hacker  to  modify  the  .Net  framework  on  targeted  machines,  inserting  rootkit-style 
malicious  software  in  a  place  untouched  by  security  software  and  where  few 
security  people  would  think  to  look,  said  Erez  Metula,the  software  security  engi¬ 
neer  for  2BSecure  who  wrote  the  tool.  In  addition,  .Net-Sploit  automates  some  of 
the  arduous  coding  tasks  necessary  to  corrupt  the  framework,  speeding  up  devel¬ 
opment  of  an  attack.“You’ll  be  amazed  at  how  easy  it  is  to  devise  an  attack,”  Metula 
said  during  a  presentation  last  week  at  the  Black  Hat  security  conference  in 
Amsterdam,  www.nwdocfinder.com/9640 


permanent  head  count  also  fell  for  the  first 
time  since  it  began  reporting,  to  20,164  com¬ 
pared  with  20,222  in  the  fourth  quarter. 

www.nwdocfinder.com/9644 

Time  Warner  Cable  nixes  bandwidth 

caps.  In  the  wake  of  a  customer  backlash, 
Time  Warner  Cable  said  it  will  shut  down 
bandwidth  cap  trials  for  its  Internet  services. 
CEO  Glenn  Britt  said  there  was  a  “great  deal 
of  misunderstanding”  about  Time  Warner 
Cable’s  plans  and  that  the  company  would 
shelve  the  tests  “until  further  consultation 
with  our  customers.”  Britt  emphasized,  how¬ 
ever,  that  the  company  still  believes  that  “con¬ 
sumption-based  billing  may  be  the  best  pric¬ 
ing  plan”  going  forward  and  he  did  not  rule 
out  restarting  the  tests. 
www.nwdocfinder.com/9645 


Cisco  reveals  aggressive  pricing  for 
blade  server  system.  Cisco  last  week 
divulged  more  details  on  its  Unified 
Computing  System  for  data  centers,  including 
pricing  and  performance  benchmarks.  UCS 
combines  networking,  blade  servers  and  virtu¬ 
alization  into  an  integrated  system  optimized 


for  a  unified  data  center  switching  fabric  of 
LANs  and  storage-area  networks.  Cisco  says 
each  UCS  component  —  blade,  CPU,  disk, 
memory  and  I/O  cards  —  is  priced  competi¬ 
tively  with  other  leading  server  vendors’  ele¬ 
ments,  yet  UCS  costs  less  in  a  configured  sys¬ 
tem  because  of  its  ability  to  converge  host 
bus  adapter  and  lOGbps  Ethernet  network 
interface  card  capabilities.  In  a  configuration 
of  about  320  blades,  UCS  costs  just  more  than 
$500,000  —  compared  with  $1.6  million  for  a 
leading  vendor’s  320-blade  configuration  — 
because  of  a  lOx  reduction  in  the  number  of 
Ethernet  and  Fibre  Channel  switches,  manage¬ 
ment  modules  and  associated  software  licens¬ 
es,  Cisco  says,  www.nwdocfinder.com/9641 

Recession  resistant:  10  technologies 
CIOs  are  still  buying.  Even  in  the  midst  of  a 
recession,  IT  leaders  realize  they  can’t  neglect 
certain  technologies.  Seventy-percent  of  1,400 
CIOs  polled  by  Robert  Half  Technology  said 
their  companies  will  invest  in  IT  initiatives  in 
the  next  12  months.Among  those, 43%  indicat¬ 
ed  that  information  security  projects  would 
be  a  top  priority;  28%  plan  investments  in  vir¬ 
tualization,  and  27%  will  be  looking  to  make 
their  data  centers  more  efficient  with  technol¬ 


ogy  buys.  Other  investment  areas  include: VoIP 
(cited  by  26%  of  respondents), software-as-a- 
service  (26%),  green  IT  (20%),  business  intelli¬ 
gence  (19%), social  networking  (18%), Web 
2.0  (17%)  and  outsourcing  (16%). 
www.nwdocfinder.com/9642 

Sun  fires  back  at  Cisco  with  blade  net¬ 
work  switch.  Sun  last  week  introduced  a 
networking  product  that  takes  aim  at  an 
emerging  rival  in  the  server  market,  Cisco. The 
long-term  goal  of  both  vendors  is  to  simplify 
data  centers  by  combining  storage,  network¬ 
ing  and  computing  capabilities  into  a  single 
platform.  Sun’s  new  offering  is  the  Virtual 
Network  Express  Module,  a  piece  of  hardware 
that  slides  into  a  blade  chassis  and  does  the 
job  of  an  aggregation  switch,  managing  traffic 
between  the  blades  and  a  central  10-Gigabit 
Ethernet  switch.  Sun’s  technology  is  “very 
impressive,” says  Nathan  Brookwood,  principal 
analyst  with  Insight64.  It  may  provide  less  fine 
grained  management  capabilities  than  a  third- 
party  switch, such  as  the  ability  to  prioritize 
traffic  from  different  applications,  but  many 
customers  don’t  need  that,  Brookwood  says. 
Sun  also  launched  six  servers  and  a  worksta¬ 
tion  based  on  Intel’s  new  Nehalem  microar¬ 
chitecture,  including  Sun’s  first  two  servers  to 
incorporate  its  new  flash  storage  module. 
www.nwdocfinder.com/9643 

Google  suffers  several  negative  firsts  in 
quarter.  It  took  a  worldwide  recession  to 
put  the  Google  growth  machine  in  reverse. 
The  world’s  largest  Internet  search  company 
marked  several  negative  firsts  in  the  quarter 
just  passed,  despite  beating  Wall  Street’s 
expectations  in  a  tough  economic  environ¬ 
ment.  Google  saw  its  revenue  ($5.51  billion) 
fall  3%  compared  with  the  previous  quarter, 
marking  its  first  quarterly  revenue  decline 
since  it  began  publishing  results  in  2003.Total 
advertising  revenue,  a  key  metric  followed  by 
analysts,  fell  3%  compared  with  the  fourth 
quarter,  its  first  drop  on  record. The  company’s 


Microsoft’s  cloud  identity  platform  on 
track.  Microsoft’s  identity  platform  for  the 
cloud  is  on  track,  and  users  will  likely  see 
another  beta  next  month  and  final  shipment 
before  year-end,  officials  said  last  week.  Code- 
named  Geneva,  the  open  identity  platform 
extends  to  the  cloud  and  provides  develop¬ 
ment  tools,  gateway  technologies  and  long- 
awaited  Microsoft  support  for  the  SAML  2.0 
protocol.  Geneva’s  foundation  is  the  claims- 
based  access  model  and  Security  Token 
Service  technology  that  Microsoft  has  been 
developing  over  the  past  few  years  as  part  of 
its  industry  effort  to  create  a  single  identity 
system  based  on  standard  protocols.  The  plat¬ 
form  consists  of  the  Geneva  Server,  formerly 
called  Active  Directory  Federation  Services 
2.0;  Geneva  CardSpace  Client,  a  smaller  and 
faster  version  of  the  identity  client  now  avail¬ 
able  with  Vista;  and  the  Geneva  Framework, 
which  was  formerly  code-named  Zermatt. 
www.nwdocfinder.com/9646 

Mobile  devices  tax  unprepared  IT 
groups.  Companies  expect  to  support  a 
growing  range  of  smartphones  and  mobile 
employees,  but  their  mobile  infrastructure 
lacks  key  elements  to  do  so  efficiently  and 
cost-effectively,  new  data  shows.  Osterman 
Research’s  survey  of  125  IT  decision-makers 
found  that  82%  of  respondents  supported 
BlackBerry  devices  in  2008,  and  66%  sup¬ 
ported  Windows  Mobile. While  only  20%  of 
respondents  supported  iPhones  in  2008, 
44%  plan  to  support  them  in  2009.  At  the 
same  time,  many  companies  are  not  well 
equipped  to  minimize  mobility  disruptions. 
Asked  how  confident  they  were  that  all  ele¬ 
ments  of  their  mobile  messaging  platform 
are  fully  protected  against  downtime,  39% 
said  they  were  “very  confident”  or  “confi¬ 
dent.”  Another  39%  said  they  were  some¬ 
what  confident,  and  17%  were  “not  too  con¬ 
fident.”  Five  percent  admitted  they  were  “not 
at  all  confident.” 
www.nwdocfinder.com/9647 
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Your  IT  challenges 


come  in 


So  do  our  solutions. 


IT  problems  happen,  but  disruption  doesn’t  have  to  be  a  part  of  the  process. 
From  power  outages  to  downed  email,  SunGard  is  there  to  keep  it  alt  flowing. 
What  makes  10,000  customers  trust  and  depend  on  SunGard?  A  30-year 
history  of  doing  it  right. 

With  the  widest  range  of  information  Availability  services  in  the  industry, 
SunGard  offers  the  solutions  to  cover  it  all— no  matter  what  the  availability 
requirement,  from  production  to  recovery.  SunGard's  infrastructure  has 
redundancies  at  every  level— we’ve  invested  so  you  don’t  have  to.  At  SunGard, 
we  know  you  need  higher  levels  of  availability,  and  we  deliver.  So  leave  your  T? 
worries  to  us.  J 


AdvancedRecoverySM  with  a  100%  recovery  record 
and  a  breadth  of  services  offered 

AdvancedHostingSM  with  over  2.000  customers 
and  34  production  facilities  with  a  range  of  managed 
IT  services 

Consulting  with  more  than  100.000  action 
plans  delivered 

Continuity  Management  Software  the  most 
widely  used  to  keep  businesses  up  and  running 


To  learn  more  about  how  to  keep  your  people  and  information  connected, 
visit  www.availability.sungard.com/sgl  or  call  1-866-673-6616. 
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H-1B  demand  falling  sharply 


BY  DENISE  DUBIE 

Fewer  companies  filed  petitions  for  H-1B 
visas  this  year  as  the  economic  recession  con¬ 
tinues  to  threaten  U.S.  jobs  and  shrink  the 
demand  for  foreign  talent. 

U.S.  companies  since  April  1  have  filed  some 
42,000  petitions  with  the  U.S.  Citizenship  and 
Immigration  Services  agency  for  65,000  H-1B 
Specialty  Occupation  Visas  available  for  20 10,  a 
fraction  of  previous  years’  petitions.  In  2007,  the 
USCIS  received  some  150,000  petitions  in  a 
matter  of  days,  and  in  2008  the  agency  con¬ 
ducted  a  lottery  after  163,000  petitions  were 
filed  in  less  than  a  week. 

Because  this  year’s  cap  hasn’t  been  reached, 
the  USCIS  will  continue  to  accept  applications 
for  the  65,000  general  H-1B  visas  (as  well  as  for 
the  20,000  visas  made  available  to  recipients  of 
a  graduate  degree  from  a  U.S.  university;  rough¬ 
ly  20,000  petitions  for  these  advanced  degree 
visas  have  been  received  so  far  in  April,  but  the 
agency  expects  not  all  will  be  approved). 

Industry  watchers  say  the  paltry  number  of 
petitions  filed  shows  that  despite  U.S.  lawmak¬ 
ers  working  to  restrict  the  number  of  H-l  B  visas 
permitted,  the  market  will  dictate  what  the 
country  needs  in  terms  of  hiring  foreign  talent. 

“There  is  no  need  to  do  a  lottery  this  year, and 
these  numbers  show  that  the  market  for  H-l  B  is 
self-regulating. The  cap  mandated  by  Congress 
is  artificial,”  says  Eleanor  Pelta,  a  partner  at  law 
firm  Morgan,  Lewis  &  Bockius  in  Washington, 
D.C.,  and  an  official  with  the  American  Immi¬ 
gration  Lawyers  Association. 

Nonetheless,  restrictions  in  the  economic 
stimulus  package  have  proposed  to  limit  those 
companies  receiving  government  funds  from 


H-1B  demand  drops 

Immigration  officials  were  forced  to 
limit  and  conduct  a  lottery  of  new 
H-1B  petitions  in  previous  years  after 
receiving  applications  for  well  over  the 
number  of  available  visas  within  the 
first  week  of  filing. 


New  H-1B  petitions  filed 
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hiring  foreign  nationals  without  first  exhaust¬ 
ing  all  other  U.S.  options.  For  instance,  one  pro¬ 
vision  would  restrict  H-1B  hiring  at  companies 
that  have  received  funds  from  the  Trouble 
Assets  Relief  Program  (TARP)  and  that  have 
more  than  15%  of  their  workers  on  visas;  these 
companies  would  be  required  to  prove  they 
have  diligently  recruited  American  workers 
for  the  position  and  that  in  hiring  a  foreign 
national  they  are  not  replacing  a  U.S.  citizen. 

But  for  the  most  part,  the  companies  that 
might  be  eligible  for  money  from  the  govern¬ 


ment  under  such  programs  aren’t  hugely 
dependent  on  H-1B  visas  for  filling  positions. 
According  to  the  National  Foundation  for 
American  Policy  (NFAP),  less  than  1%  of  the 
staff  at  some  of  the  largest  U.S.  financial  firms 
hold  H-1B  visas.  For  instance,  Goldman  Sachs 
and  JPMorganChase  filed  for  227  and  236 
new  H-1B  visas  in  2007,  which  represented 
0.74%  and  0.14%  of  their  total  employees, 
respectively. 

“The  updated  government  restrictions  have 
very  little  to  do  with  the  drop  off  in  petitions,” 
Pelta  says.  “But  the  senators  and  congressmen 
that  really  have  problems  with  the  H-1B  pro¬ 
gram  will  not  look  at  this  year’s  petitions  as  an 
indicator  that  the  program  should  be  allowed 
to  meet  the  needs  of  U.S.  companies  in  good 
and  bad  economic  times.There  are  restrictions 
in  place  and  government  agencies  are 
equipped  to  enforce  them  without  requiring 
an  unrealistic  cap.” 

Pelta  says  demand  for  H-1B  visas  follows  the 
job  market,  and  as  more  companies  seek  to 
hire  foreign  nationals,  often  that  means  an  in¬ 
crease  in  jobs  for  U.S.  citizens  as  well.  A  March 
2008  NFAP  brief  reports  that  rather  than  dis¬ 
placing  American  workers,  data  showed  for 
every  one  H-1B  position  requested,  U.S.  tech¬ 
nology  companies  increased  their  employ¬ 
ment  by  five  workers. 

“If  the  U.S.  wants  to  participate  in  the  global 
economy  it  must  shed  some  of  its  protectionist 
and  outdated  policies,  and  lawmakers  must 
realize  we  need  to  view  resources  globally  as 
well,”  Pelta  says.“Short-sightedness  on  immigra¬ 
tion  programs  could  hurt  our  universities  and 
businesses  five  years  down  the  road.”B 


ING  examines  cloud  computing 


BY  JON  BRODKIN 

Cloud  computing  is  on  the  minds  of  many  IT 
pros  today,  and  Alan  Boehme  of  ING  Financial 
Services  is  no  exception. 

ING  is  just  the  type  of  large  user  organization 
that  cloud  vendors  want  signing  up  for  their 
various  online  business  services.  But  while 
Boehme,  senior  vice  president  and  head  of  IT 
strategy  and  enterprise  architecture  at  ING,  is 
excited  about  the  potential  of  cloud  comput¬ 
ing,  he  says  the  industry  needs  to  get  a  few 
things  in  order  before  this  outsourced  model 
fulfills  its  potential. 

Boehme’s  biggest  concern  is  that  software 
licensing  policies  haven’t  caught  up  to  the 
cloud. The  cloud  lets  customers  buy  comput¬ 
ing  power  on  an  as-needed  basis,  but  software 
licenses  for  products  that  could  be  used  in  the 
cloud  typically  must  be  purchased  up  front,  he 
says.  Software  licenses  should  also  be  avail¬ 


able  on  an  as-needed  basis,  he  says. 

“I  haven’t  seen  any  vendor  with  flexibility  in 
software  licensing  to  match  the  flexibility  of 
cloud  providers,” says  Boehme,  who  is  based  in 
Windsor, Conn.“This  is  a  tough  one  because  it’s 
a  business  model  change.  ...  It  could  take 
quite  some  time.” 

ING,  which  boasts  an  IT  infrastructure  featur¬ 
ing  2,900  to  3,000  servers  and  900-plus  net¬ 
work  devices,  has  used  software-as-a-service 
for  several  years  for  needs  such  as  sales  auto¬ 
mation,  CRM,  human  resources  and  succes¬ 
sion  planning.  Now  ING  is  evaluating  hosted 
application  building  platforms  as  well  as 
online  storage  and  compute  services. 

“We  are  literally  testing  everybody.  We  have 
things  running  across  multiple  providers,” 
Boehme  says. 

Boehme  says  ING’s  policy  is  not  to  discuss 
specific  vendors,  but  the  players  in  this  space 


include  Amazon,  GoGrid,  Google  and  Sales- 
force.  ING  is  not  yet  ready  to  move  from  test  to 
production. “We  have  not  put  any  of  those  ser¬ 
vices  in  production  but  we  are  testing  the  via¬ 
bility  of  all  these  types  of  services,”  Boehme 
says.  “I  know  of  very  few  large  organizations 
that  are  doing  these  things  in  production.  I 
know  of  a  lot  of  small  and  medium-sized  busi¬ 
nesses  that  are.” 

Boehme  has  found  that  cloud  services  make 
it  easy  to  scale  resources  up  and  down.  But  to 
build  a  business  case  for  the  cloud, companies 
need  to  look  at  the  services’  technical  viability, 
security  manageability,  and  the  ability  to  move 
applications  from  one  cloud  to  another. 

Boehme  is  a  founding  member  of  the  Cloud 
Security  Alliance,  a  group  formed  last  month  to 
promote  best  practices  in  cloud  security.  The 
alliance  will  release  a  white  paper  at  the 

See  ING,  page  30 
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USA  kicks  off  on  somber  note 


BY  ELLEN  MESSMER 
AND  TIM  GREENE 

SAN  FRANCISCO  —  Against  an  omnipresent 
backdrop  of  recession  and  uncertainty  IT  secu¬ 
rity  pros  this  week  will  gather  at  an  RSA  Con¬ 
ference  focused  on  malware  proliferation,  pro¬ 
tection  of  virtualized  and  cloud  computing  en¬ 
vironments,  and  the  specter  of  rising  govern- 


BY  BRAD  REED 

Now  that  eBay  has  set  a  tentative  timetable  to 
spin  off  Skype,  the  question  becomes  whether 
the  Internet  phone  company  can  become  a 
legitimate  force  as  a  voice  service  provider. 

Some  analysts  say  Skype  has  been  somewhat 
stifled  while  being  a  part  of  eBay  because  its 
business  model  hasn’t  gelled  well  with  eBay’s 
online  auction  business.  EBay  CEO  John  Dona- 
hoe  acknowledged  as  much  last  week  when 
he  said  Skype  was  “a  great  stand-alone  busi¬ 
ness”  but  it  had  “limited  synergies”  with  eBay 

Despite  these  limitations,  Skype  has  still  been 
remarkably  successful  over  the  past  few  years, 
as  the  company’s  number  of  registered  users 
worldwide  has  grown  by  nearly  eight-fold 
since  being  purchased  by  eBay  in  2008.  Add¬ 
itionally  its  revenues  are  projected  to  nearly 
double  over  the  next  two  years,  reaching  an 
estimated  $1  billion  in  2011. 

Gartner  analyst  Elroy  Jopling  says  once 
Skype  is  officially  spun  off  next  year,  it  will  be 
free  to  concentrate  exclusively  on  its  voice 
business  and  to  expand  its  services  more 
toward  the  mobile  area.  The  company  has 
started  moving  in  this  direction  this  year  and 
unveiled  applications  for  iPhones  and  Black- 
Berry  devices  that  are  aimed  at  giving  smart¬ 
phone  users  alternatives  to  making  voice  calls 
over  traditional  cellular  networks.  Moving  for¬ 
ward,  Jopling  says  that  how  well  Skype  pene¬ 
trates  the  mobile  market  will  be  the  “biggest 
factor”  in  its  potential  success. 

Irwin  Lazar,  an  analyst  at  Nemertes  Research, 
also  thinks  Skype’s  success  in  the  mobile  voice 
market  will  determine  its  future  and  says  its 
addition  to  the  smartphone  market  is  the  first 
step  in  making  the  company  a  household 
name.  More  significantly  he  thinks  if  Skype 
catches  on  with  more  popular  consumer 
devices  it  could  eventually  put  pressure  on  cel¬ 
lular  carriers  to  change  how  they  do  business. 

Although  Skype  iPhone  applications  only 
run  over  Wi-Fi,  Lazar  says  Skype  will  likely  start 
running  more  over  carriers’  data  networks 
once  they  start  building  more  4G  networks 


ment  involvement  in  their  work. 

Though  attendance  in  recent  years  has  hit 
17,000,  conference  organizers  say  this  year’s 
18th  annual  gathering  will  likely  draw  fewer  to 
see  and  hear  from  some  325  vendors  spread 
across  the  exhibit  floor  of  San  Francisco’s  Mos- 
cone  Center. 

One  telling  sign  of  the  times:  RSA  Conference 


based  on  technologies  such  as  Long  Term 
Evolution  and  WiMAX. 

“Skype’s  iPhone  client  was  really  the  first 
shot  across  the  bow  of  cellular  carriers,”  he 
says. “As  they  build  out  higher  speed  data  net¬ 
works  it  becomes  easier  to  do  voice  over  data 
services.” 

This  could  spell  trouble  for  carriers,  Lazar 

See  Skype,  page  14 


A  brief  history  of  Skype 

How  Skype  went  from  humble 
start-up  to  mobile  VoIP  phenome¬ 
non. 

2003:  Skype  officially  founded  as  an 
inexpensive  alternative  for  users  who 
want  to  make  calls  over  IP. 

September  2005:  EBay  purchases 
Skype  for  $2.5  billion;  at  the  time  Skype 
had  54  million  registered  users. 

December  2005:  Releases  its  first 
video  telephony  software. 

April  2006:  Passes  100  million  regis¬ 
tered  users. 

June  2007:  Releases  Version  3.5  for 
Windows;  three  months  later,  the  pro¬ 
gram  is  hit  with  a  worm  that  spreads 
through  its  chat  feature. 

March  2009:  Announces  that  it  is  test¬ 
ing  Skype  for  SIP,  a  service  that  lets 
Skype  users  hook  onto  corporate  IP 
PBXs;  Skype  also  issues  its  first  official 
iPhone  application. 

April  2009:  EBay  announces  that  it 
plans  to  spin  off  Skype  by  mid-2010; 
Skype  boasts  over  400  million  users. 


is  extending  free  passes  worth  more  than 
$2,000  to  25  individuals  described  as  “victims 
of  corporate  downsizing  ...  who  lost  their  jobs 
due  to  the  economic  environment.” 

There  will  be  no  shortage  of  industry  star 
power  on  hand. 

Enrique  Salem, who  this  month  became  pres¬ 
ident  and  CEO  of  Symantec,  will  take  the  stage 
in  a  keynote  address  expected  to  delve  into  the 
exploding  growth  of  malware  and  what 
approaches  can  be  taken  to  confront  it.  His 
company  last  week  released  its  annual  threat 
report  summary  which  points  out  unique  mal¬ 
ware  specimens  more  than  doubled  in  2008. 

RSA  President  Art  Coviello  will  try  and  rally 
the  industry  to  tackle  the  security  issues  sur¬ 
rounding  online  collaboration,  and  mobile 
and  cloud  computing. 

RSA  will  be  announcing  what  it  calls  “Project 
Share,”  which  will  include  offering  the  RSA 
BSAFE  encryption  toolkits — specifically  those 
used  for  C++  and  Java  applications  —  for  free. 
Such  toolkits  would  otherwise  cost  at  least  tens 
of  thousands  of  dollars.  RSA  is  also  expected  to 
make  significant  announcements  concerning 
VMware  (which  EMC  also  owns)  and  security 

Cisco’s  John  Chambers  is  scheduled  to  talk 
about  online  collaboration  and  security,  while 
McAfee  CEO  Dave  DeWalt  will  discuss  the  im¬ 
pact  of  cybercrime. 

Besides  industry  executives,  the  U.S.  govern¬ 
ment  will  be  represented  in  keynote  presenta¬ 
tions  by  Melissa  Hathaway  the  Obama  admin¬ 
istration’s  acting  director  for  cyberspace  and 
Lt.  Gen.  Keith  Alexander,  director  of  the 
National  Security  Agency  (NSA)  and  chief  of 
central  security  services.  Hathaway  is  expected 
to  present  the  findings  of  the  administration’s 
promised  60-day  “Cyber  Security  Review,” 
which  could  set  a  new  pace  for  regulation  and 
defense  of  networks  pertaining  to  critical  infra¬ 
structure. 

NSAs  Alexander  will  speak  to  the  prospects 
for  “public-private  partnership”  for  cybersecur¬ 
ity  But  the  counterpoint  is  likely  to  come  from 
noted  writer  James  Bamford,  author  of  the 
Shadow  Factory  and  other  books  about  the 
super-secretive  NSA,  in  his  keynote  address. 

Indeed,  the  RSA  Conference  is  going  to  be  a 
forum  for  the  controversial  theme  of  how  far 
the  government  can  or  should  go  to  take  con¬ 
trol  of  networks  and  conduct  surveillance,  and 
whether  there  is  already  something  of  a  Cyber 
Cold  War  occurring. 

Contentious  issues  in  virtualization  security 
will  be  debated  by  panelists  that  will  include 
one  of  the  founding  fathers  of  software  virtual¬ 
ization,  Citrix  CTO  Simon  Crosby  who  helped 
invent  open  source  Xen. 

The  security  of  cloud  computing  is  a  major 
topic  at  the  conference,  with  15  sessions  dedi¬ 
cated  to  all  aspects  from  cloud-based  security 
services  to  identity  management. 

See  RSA,  page  30 
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EMC,  VMware  scale  up  data  center 


BY  JON  BRODKIN 

EMC  and  VMware  are  promising  mass  scala¬ 
bility  in  the  virtual  data  center  with  new  prod¬ 
ucts  that  will  let  enterprises  deploy  and  man¬ 
age  hundreds  of  thousands  of  virtual  servers. 

While  EMC  last  week  unveiled  a  new  Sym- 
metrix  storage  array  designed  to  support  heav¬ 
ily  virtualized  data  centers,  VMware  this  week 
will  announce  vSphere,  the  next  generation  of 
its  core  hypervisor  and  related  management 
tools. 

EMC’s  new  Symmetrix  V-Max  storage  system 
(short  for  Virtual  Matrix)  is  being  positioned  as 
a  second  flagship  product  alongside  its  DMX-4. 
EMC  claims  its  new  Virtual  Matrix  architecture 
will  deliver  massive  scalability  delivering  tens 
of  millions  of  IOPS  and  the  ability  to  manage 
hundreds  of  petabytes  of  storage  for  hundreds 
of  thousands  of  virtual  machines  from  a  single 
management  system.  The  system  combines 
flash-based  solid-state  drives  with  Fibre 
Channel  and  SATA. 

V-Max  uses  Intel  Xeon  quad-core  processors 
to  speed  up  data  access,  along  with  software 
that  automates  provisioning  of  storage  to  phys¬ 
ical  and  virtual  machines.  The  Virtual  Matrix 
provides  massive  scalability  by  connecting 
and  sharing  resources,  such  as  I/O  ports,  CPUs, 
mirrored  global  memory,  interconnects  and  a 
storage  operating  system,  according  to  EMC. 


Skype 
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explains,  because  they  will  inevitably  lose  rev¬ 
enue  if  users  simply  subscribe  to  flat-rate  data 
plans  and  then  use  Skype  exclusively  for  their 
voice  services.  Lazar  says  carriers  have  a  few 
options  to  preserve  their  revenue  streams:  they 
can  block  Skype  outright  on  their  data  services, 
they  can  implement  their  own  metered  data 
plans  that  charge  per  bit  consumed  or  they  can 
offer  their  own  flat-rate  VoIP  service  that  is 
priced  competitively  with  Skype’s  service. 

Blocking  Skype  all  together  is  unlikely  says 
Infonetics  Research  analyst  Diane  Myers,  be¬ 
cause  companies  such  as  Google  and  Apple 
have  been  putting  pressure  on  carriers  to  not 
wall  off  their  networks  and  to  let  their  users 
access  any  application  they  wish. 

“IPhone  and  Google’s  Android  platform  are 
really  breaking  down  barriers  for  traditional 
telecom  companies,”  she  says.“What  they’re  in¬ 
terested  in  doing  is  the  polar  opposite  of  what 
telecom  companies  have  been  traditionally 
interested  in." 

And  besides,  Lazar  notes,  it  would  only  take 
one  smaller  carrier  such  asT-Mobile  offering  to 
host  Skype  over  its  data  network  to  foil  the  big 
incumbents’ competitive  advantage  in  keeping 
Skype  off  their  own  networks.  This  means  that 
the  telcos  will  at  some  point  have  to  come  up 


While  server  virtualization  makes 
one  server  act  as  many  indepen¬ 
dent  virtual  machines,  storage  vir¬ 
tualization  takes  1,000  disparate 
elements  and  makes  them  appear 
as  one,  says  Steve  Duplessie, 
founder  and  senior  analyst  at  En¬ 
terprise  Strategy  Group.  Server  vir¬ 
tualization  by  itself  isn’t  as  useful 
as  it  should  be,  because  when  a 
virtual  machine  moves  from  one 
box  to  another  it  might  lose  access 
to  its  data,  he  says. 

EMC’s  new  system  ensures  that 
virtual  machines  maintain  access 
to  data  even  as  they  move,  he  says. 

Moreover,  when  an  enterprise  adds 
more  terabytes,  the  system  auto¬ 
matically  rearranges  itself  and 
redistributes  the  load. The  real  key 
is  reducing  the  amount  of  manual 
processes  required  of  a  storage 
administrator. 

The  details  of  VMware’s  an¬ 
nouncement  are  still  under  wraps, 
but  vSphere  —  the  follow-up  to 
VMware  Infrastructure  3  —  is  expected  to  deliv¬ 
er  the  capabilities  of  VMware’s  long-promised 
Virtual  Datacenter  Operating  System  (VDC- 
OS).  Intended  as  an  infrastructure  operating 


with  their  own  IP-based  voice  services. 

“The  carriers  want  to  avoid  becoming  ‘dumb 
pipes’  that  make  money  on  monthly  access 
charges  but  nothing  else,” Jopling  says.“Without 
question  the  carriers  will  drag  their  feet.” 

While  Skype  could  provide  headaches  for 
carriers  in  the  consumer  markets,  it  is  less  likely 
to  have  such  an  immediate  impact  on  enter¬ 
prise  markets. For  one  thing,  the  fact  that  Skype 
does  not  own  any  of  the  pipes  it  rides  over 
means  that  it  can’t  section  off  a  certain  chunk 
of  bandwidth  to  ensure  call  quality  And  even 
though  the  company  is  developing  an  enter¬ 
prise  service  that  would  allow  business  users 
to  connect  Skype  with  corporate  IP  PBXs, 
Jopling  says  it  has  a  long  way  to  go  before  it 
has  both  the  security  and  QoS  features  that  en¬ 
terprises  need  for  their  voice  systems. 

“In  an  enterprise  it’s  more  important  from  a 
security  perspective  that  when  you  open  up 
your  network  to  the  likes  of  Skype  you  can  also 
increase  your  risk,”  he  says. 

Myers  expresses  a  similar  view  and  says 
Skype  has  a  long  way  to  go  in  adding  security 
features  before  it  becomes  a  trusted  enterprise 
product. 

“In  terms  of  the  enterprise  market,  I  don’t 
think  a  lot  of  carriers  are  losing  sleep  over 
Skype,”  she  says.“If  I  were  an  enterprise,  then  a 
lot  would  have  to  happen  for  me  to  use  Skype 
for  my  [Session  Initiation  Protocol]  trunking.”B 


system, VDC-OS  will  aggregate  virtu¬ 
alized  servers,  storage  and  network 
resources  into  one  big  computing 
pool  that  can  be  managed  from 
within  the  same  software  console. 

VMware  has  positioned  the  oper¬ 
ating  system  as  a  crucial  tool  in  the 
world  of  cloud  computing  because 
it  will  connect  private  data  centers 
to  those  of  external  cloud  pro¬ 
viders,  letting  enterprises  manage 
internal  and  external  resources  in 
tandem. 

Server  vendors  can  be  expected 
to  line  up  in  support  of  VMware’s 
new  product.  Unisys  has  already 
said  it  will  roll  out  a  new  line  of 
enterprise  servers  with  vSphere 
embedded. 

On  the  EMC  front,  Duplessie  says 
there  are  two  easily  identifiable 
drawbacks  to  V-Max.  The  system  is 
expensive  and  raises  the  specter  of 
vendor  lock-in,  particularly  be¬ 
cause  EMC  owns  VMware. 

V-Max  starts  at  $250,000,  which 
covers  one  42U  rack  system  with  about  200TB. 
Full-featured  systems  that  scale  up  to  many 
petabytes  will  cost  millions  of  dollars. 

The  insertion  of  flash  into  EMC  arrays  is  noth¬ 
ing  new,  but  analysts  have  criticized  the  com¬ 
pany  because  its  systems  force  storage  admin¬ 
istrators  to  manually  move  data  from  tier  to  tier. 
EMC  announced  that  it  will  address  that  short¬ 
coming  with  FAST  (Fully  Automated  Storage 
Tiering),  a  new  software  tool  that  “will  auto¬ 
mate  the  movement  of  data  across  multiple 
storage  tiers  based  upon  business  policies,  pre¬ 
dictive  models  and  real-time  access  patterns.” 
This  type  of  software,  already  offered  by  ven¬ 
dors  such  as  Compellent,  helps  prevent  storing 
rarely-accessed  data  on  expensive  flash  drives. 

FAST  will  be  available  in  the  fourth  quarter  of 
2009  for  both  V-Max  and  DMX-4. 

The  V-Max  will  not  replace  the  DMX-4,  nor  will 
it  make  EMC’s  new  Atmos  cloud  storage  soft¬ 
ware  obsolete,  the  company  says.  Atmos  is 
designed  to  manage  petabytes  of  information 
across  tens  or  hundreds  of  geographic  loca¬ 
tions,  using  x86  servers  with  high-capacity,  low- 
cost  SATA  drives. 

Symmetrix  arrays,  says  Bob  Wambach,  senior 
director  of  Symmetrix  marketing,  are  for  mis¬ 
sion-critical  applications  including  ERR  trans¬ 
actional  systems,  e-mail,  databases  and  elec¬ 
tronic  trading. 

EMC  has  optimized  V-Max  for  VMware’s 
hypervisor  and  Microsoft’s  Hyper-V  virtualiza¬ 
tion  software,  but  not  for  Citrix’s  XenServer. 

Although  EMC  stressed  that  V-Max  will  not  re¬ 
place  the  DMX-4,  it  said  the  new  product  triples 
the  performance  of  the  DMX-4  while  offering 
twice  the  connectivity  ■ 


EMC's  Symmetrix 
V-Max  storage 
array  is  designed 
to  support  heav¬ 
ily  virtualized 
data  centers. 
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Exchange 

continued  from  page  1 

in  very  logical  ways  from  the  model  laid  out  in  Exchange  2007. 

In  addition  to  the  cleaner  scalability  and  availability  features, 
Exchange  2010  has  better  command-line  support  (including  remote 
Exchange  Shell),  integrated  archiving,  and  role-based  access  controls. 

Webmail  features  on  par  with  Outlook 

Users  accustomed  to  Web-based  access  to  their  personal  e-mail 
through  free  Internet  services  such  as  Google’s  Gmail,  expect  the  same 
power  and  access  through  a  browser  for  their  business  e-mail.  Exchange 
2010  stands  up  very  well  to  these  high  expectations. 

Exchange  20 1 0’s  Web  client  is  easier  to  use  because  of  features  such  as 
threaded  messaging  (which  sorts  and  groups  messages  by  subject  line) 
and  single-screen  in-box  (which  lets  you  see  all  your  messages  without 
having  to  click  “next  screen”).  Microsoft  added  strong  server-side  search 
features  in  Exchange  2007,  and  these  are  extended  to  the  Web  client  in 
Exchange  2010.This  gives  you  access  to  your  entire  message  store,  even 
if  you’re  on  a  device  that  has  no  local  mail  storage. 

Exchange  2010  also  includes  a  helpful  new  feature  called  “MailTips,” 
which  pops  up  information  messages  about  e-mail  you’re  composing. 
For  example,  if  you’re  sending  a  message  to  someone  who  has  set  a  vaca¬ 
tion  message,  MailTips  pops  up  this  information  while  you’re  addressing 
the  message.  The  version  we  tested  had  several  examples,  including 
warnings  about  sending  binary  attachments  (such  as  .EXE  files),  which 
recipients  might  not  be  able  to  open,  sending  to  large  distribution  lists, 
and  sending  to  lists  with  off-network  members. 

Exchange  2010  adds  some  important  changes  for  non-Internet 
Explorer  browsers  by  officially  and  fully  supporting  both  Firefox  and 
Safari  with  its  premium  version  of  the  Outlook  Web  Access  client.  In  our 
testing,  while  Firefox  and  Safari  do  get  a  better  experience  than  in  the 
past,  they  aren’t  quite  at  parity  with  the  Internet  Explorer  experience.  For 
example,  a  number  of  features  —  such  as  MailTips  and  drag-and-drop  of 
attachments  -  simply  don’t  work.  Additionally  Exchange  2010  managed 
to  crash  our  Safari  browser  several  times.  Some  of  these  issues  will  like¬ 
ly  be  resolved  as  Exchange  2010  moves  from  beta  to  full  release. 

Some  of  the  most  interesting  features  on  the  user  side  relate  to  the  abil¬ 
ity  for  users  to  control  their  own  environments.  Microsoft  has  moved  a 
number  of  controls  out  to  the  user,  a  significant  trend  in  a  world  where 
users  are  more  comfortable  with  collaboration  tools  than  ever  before. 
This  movement  is  driven  in  part  by  Exchange’s  push  into  hosted  e-mail 
services,  in  which  user  self  service  is  an  expected  feature. 

In  Exchange  2010,  these  self-service  features  are  spilling  over  into  the 
corporate  environment  as  well.  Exchange  managers  can  now  allow 
users  to  update  their  address  information,  search  for  delivery  reports  on 
messages  they’ve  sent  or  received,  and  manage  and  moderate  distribu¬ 
tion  lists.  For  enterprises  that  haven’t  given  up  on  mailing  lists  handled 
through  Exchange,  these  features  should  reduce  help  desk  calls  and  sig¬ 
nificantly  improve  user  satisfaction  with  their  e-mail  system.  (Again,  not 
all  these  features  are  available  in  browsers  other  than  IE7.) 

In  our  testing,  the  message  tracking  available  to  users  could  use  some 
work  —  it  provides  little  detail  other  than  times  that  messages  were  sub¬ 
mitted  and  then  delivered,  without  really  explaining  where  and  how 
Exchange  sent  the  message,  especially  when  sending  out  to  the  Internet. 
However,  given  that  users  had  none  of  this  information  in  the  past,  this  is 
a  step  forward. 

If  you’ve  chosen  to  integrate  Exchange  into  your  IP-based  telephony 
system,  users  will  likely  fall  in  love  with  another  new  feature:  voice  mail 
preview. When  voice  mail  messages  are  received  in  Exchange, it  attempts 
to  create  a  text  preview  of  the  voice  mail.  This  would  let  you  preview 
your  voice  mail  on  a  mobile  device  or  a  Web-based  environment  where 
audio  isn’t  readily  available. We  haven’t  seen  too  many  organizations  link 
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Product  Exchange  2010  Beta  1 

Vendor  Microsoft 

www.microsoft.com/exchange/2010 

Price  $499  for  a  10-user;  $995  for  an  unlimited  user 
license. 

Pros  Improved  end-user  experience,  user  self-service, 
simplified  clustering,  extended  high  availability 
and  reliability  features 

Cons  Firefox  and  Safari  better,  but  not  fully,  support¬ 
ed;  more  intensive  resource  usage  on  servers. 

Exchange  that  closely  to  their  IP  PBXs,  but  Microsoft  continues  to  pro¬ 
vide  reasons  to  consider  making  the  connection. 

Better  scalability  and  control  for  administrators 

While  Exchange  2007  introduced  a  plethora  of  reliability  and  scala¬ 
bility  features,  Exchange  2010  helps  to  clean  up  a  confusing  set  of 
options.  E-mail  managers  looking  for  guidance  on  building  distrib¬ 
uted  Exchange  networks  will  be  pleased  to  see  what  has  been  pushed 
into  Exchange  2010. 

The  biggest  change  for  administrators  in  Exchange  2010  is  an  extend¬ 
ed  but  simplified  capability  to  distribute  different  user  mailboxes  across 
different  servers,  and  keep  those  servers  highly  available.The  binding  of 
message  stores  to  physical  servers  has  been  loosened  considerably  and 
network  managers  should  now  easily  be  able  to  replicate  a  message 
store  —  as  many  as  16  copies  are  supported  —  across  multiple  servers, 
with  automatic  failover  capability  between  servers. 

We  built  two  different  mailbox  servers  and  then  created  a  “database 
availability  group”,  a  new  concept  in  Exchange  2010  that  replicates  a 
message  store  database  between  two  servers.  We  then  disconnected 
one  of  the  servers  from  the  network  and  tested  that  the  other  copy  of  the 
database  was  still  available.  Compared  with  the  more  confusing  set  of 
options  for  local  and  remote  replication  in  Exchange  2007,  this  was 
much  easier  to  set  up  and  had  an  easier  recovery  path. 

Of  course,  having  two  copies  of  the  message  store  doesn’t  help  if  you 
don’t  build  other  resiliency  such  as  multiple  client  access  servers,  into 
your  deployment,  so  this  new  feature  isn’t  going  to  be  the  last  word  in 
simplified  reliability  Clustering  can  be  an  important  part  of  a  high-avail- 
ability  solution  as  well,  and  Exchange  2010  should  simplify  that  tremen¬ 
dously  In  Exchange  2007,  Windows  Server  clustering  was  managed  very 
separately  from  Exchange,  which  required  additional  expertise  and  a  dif¬ 
ferent  skill  set  from  what  the  standard  e-mail  manager  holds.  Exchange 
2010  doesn’t  entirely  solve  this,  but  does  move  cluster  management 
directly  into  the  Exchange  management  system.  Some  e-mail  managers 
are  reluctant  to  use  clustering  because  they  don’t  understand  it  and 
don’t  know  how  to  manage  and  control  it;  by  moving  this  important  part 
of  a  high-reliability  system  directly  into  Exchange,  Microsoft  makes  it 
more  likely  that  managers  will  be  able  to  use  clustering  successfully 

A  nice  improvement  on  the  scalability  front  is  the  ability  to  move  a 
mailbox  between  databases  without  shutting  it  down.  In  Exchange  2007, 
moving  message  store  mailboxes  from  one  database  to  another  could 
require  a  significant  amount  of  downtime.  In  Exchange  2010, you  move 
a  mailbox  that  is  in  active  use  between  message  store  databases.This  lets 
the  e-mail  manager  balance  the  load  across  servers  and  disk  subsystems 
without  making  mailboxes  unavailable.  Having  this  feature  will  also  let 
e-mail  managers  resist  the  temptation  to  build  many  small  message  data¬ 
bases  rather  than  a  few  larger  ones,  because  there’s  no  need  to  try  and 
predict  how  big  each  mailbox  and  message  store  database  is  going  to 
be  for  load-balancing  purposes. 

See  Exchange,  page  18 
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Networx  sales 

Estimates  vary  on  how  much  business  has  been 
done  under  the  federal  Networx  program,  but 
everyone  in  the  federal  IT  market  agrees  that 
the  10-year  deal  is  coming  up  short  of  the  $4B  in 
sales  that  was  projected  by  now.  Below  is  a  list  of 
how  much  business  has  been  awarded  on 
Networx  according  to  GSA  and  the  carriers: 


Carrier 

GSA 

estimate* 

Carrier 

Estimate 

Verizon 

$261 M 

$1,643M 

AT&T 

$249M 

$700M 

Qwest 

$135M 

$135M 

Sprint  Nextel 

$2M 

N/A 

Level  3 

N/A 

N/A 

Total: 

$647M 

$2,478M 

SOURCE:  *GSA  FAIR  OPPORTUNITY  REPORT,  MARCH  2009  **  FROM  PRESS  RELEASES 
OR  PUBLIC  STATEMENTS  ISSUED  BYTHE  CARRIERS. 


Networx 

continued  from  page  1 

federal  agencies  said  they  would 
choose  carriers  through  a  competitive 
process  dubbed  “fair  opportunity”  by 
Sept.  30, 2008. That  deadline  came  and 
went,  with  only  a  handful  of  agencies 
such  as  the  Department  of  Homeland 
Security  and  Treasury  making  moves 
to  migrate  from  their  predecessor  FTS 
2001  telecom  contracts  to  the 
Networx  program. 

As  of  April  15,  only  26%  of  the  largest 
federal  agencies  have  made  awards 
under  the  Networx  program,  GSA  says. 

Not  even  half  of  them  —  41%  —  have 
begun  transitioning  to  the  new  con¬ 
tract,  according  to  GSA.  This  is  signifi¬ 
cant  because  the  top  25  agencies  that 
GSA  tracks  represent  95%  of  the  busi¬ 
ness  volume  expected  on  Networx. 

In  a  March  report,  GSA  identified  less 
than  $650  million  in  Networx  contract 
awards  —  a  small  share  of  the  $4  billion  that 
should  have  gone  to  Networx  contractors  by 
now. 

“Where  we  are  right  now  is  not  where  we 
thought  wed  be  when  we  awarded  the  con¬ 
tract,”  admits  Karl  Krumbholz,  director  of 
Network  Services  Programs  in  the  Office  of 
Integrated  Technology  Services  at  GSAs 
Federal  Acquisition  Service.  “The  agencies  are 
now  saying  that  all  of  their  orders  are  going  to 
be  in  by  April  1,2010.” 

Carriers  say  GSAs  Networx  sales  figures  are 
too  conservative,  and  that  they  have  won  three 
or  four  times  more  Networx  business  than  GSA 
is  reporting.  (See  Networx  sales  chart).  But  the 
carriers  agree  that  the  Networx  transition  is 
running  way  behind  schedule,  and  that  they 
haven’t  earned  anywhere  near  the  revenues 
that  they  originally  envisioned. 


“The  transition  is  much  more  complex  than 
[GSA]  had  anticipated,  and  as  a  result  it  is 
behind  what  they  projected,”  says  Bill  White, 
vice  president  of  federal  programs  with  Sprint. 

Diana  Gowen,  senior  vice  president  and  gen¬ 
eral  manager  of  Qwest  government  services, 
agrees.“We  will  have  enough  years  on  the  back 
end  of  the  contract  to  start  seeing  the  imple¬ 
mentation  of  new  solutions,  technologies  and 
a  bigger  spend  on  Networx’”  she  says. “Failure 
no,  but  soooo....slowT 

Despite  the  Networx  program’s  slow  start, 
GSA  and  the  carriers  remain  optimistic  that  the 
deal  will  eventually  be  worth  $20  billion  or 
more  as  agencies  migrate  all  of  their  telecom 
services  off  FTS  2001  onto  Networx.They  hope 
to  grow  wireless  traffic,  sell  additional  man¬ 
aged  security  services  and  attract  more  mili¬ 
tary  customers. 


“If  you  get  awarded  a  contract  that’s 
worth  half-a-billion,  chances  are  it  will 
double  or  triple  over  the  course  of  the 
Networx  cycle  because  people  will 
need  to  add  services,  and  security  will 
expand,”  says  Susan  Zeleniak,  group 
president  of  Verizon  Federal.“We’re  see¬ 
ing  a  growing  need  for  things  like  stor¬ 
age  and  data  center  hosting. 
Telecommuting  ...  is  an  application  of 
Networx  that  hasn’t  even  begun  to  take 
hold  yet  but  I’m  certain  it  will.” 

Conceived  by  GSA  in  2003,  Networx 
is  the  latest  in  a  series  of  umbrella  con¬ 
tracts  that  have  provided  low-cost  tele¬ 
com  services  to  135  federal  agencies 
domestically  and  abroad  for  the  last 
two  decades. 

Networx  replaces  FTS  2001,  which 
carries  an  estimated  $1  billion  a  year 
in  voice,  data  and  video  traffic.  FTS 
2001  contractors  include  Verizon 
Business,  Sprint,  AT&T  and  Qwest,  and 
these  carriers’  FTS  2001  bridge  con¬ 
tracts  expire  in  May  and  June  2010. 

Networx  provides  50  telecom  services, 
including  long-distance  and  toll-free  voice; 
frame-relay  ATM  and  IP  data;  cellular  and  satel¬ 
lite  wireless;  video  and  audio  conferencing; 
call  center, Web  hosting  and  managed  security 
services. 

Agencies  can  choose  to  buy  comprehensive, 
global  telecom  services  through  Networx 
Universal,  which  is  held  by  AT&T,  Qwest  and 
Verizon  Business,  or  ala  carte  services  through 
Networx  Enterprise,  which  is  held  by  AT&T, 
Level  3,  Qwest,  Sprint  and  Verizon  Business. 

GSA  says  it’s  not  sure  how  much  money  the 
largest  25  agencies  have  spent  on  Networx 
because  they  receive  estimates  from  the  agen¬ 
cies  when  orders  are  placed. GSAs  $647  million 
figure  is  the  agency’s  best  guess  of  how  much 
business  agencies  are  planning  to  do  on 
Networx  right  now,  Krumbholz  says. 


Exchange 

continued  from  page  16 

Exchange  2010  is  also  internally  more 
resilient  to  failures,  with  the  ability  to  automat¬ 
ically  route  around  and  retransmit  messages 
lost  by  a  malfunctioning  transport  hub. 

As  with  Exchange  2007,  Microsoft  is  requir¬ 
ing  64-bit  hardware  and  operating  systems  for 
Exchange  20 10.  Our  beta  copy  was  64-bit  only. 
This  more  efficient  use  of  hardware  is  cou¬ 
pled  with  better  use  of  the  I/O  subsystem. 
Microsoft  claims  that  Exchange  2010  not  only 
does  fewer  I/O  operations  for  the  same  work¬ 
load,  but  also  smoothes  out  the  workload  so 
that  Exchange  2010  will  behave  better  on 
lower-speed  SATA  drives.  Microsoft  says  these 
new  features  will  enable  larger  Exchange 
deployments  to  use  less-expensive  hardware. 

Overall,  these  many  reliability  and  scalability 
features  add  up  to  a  significant  shift  in  thinking 
on  how  to  build  large  and  reliable  mail  sys¬ 
tems.  Rather  than  focus  on  very  expensive 


storage-area  networks  and  ultra-huge  servers, 
the  combination  of  clustering,  replication  and 
low-cost  disk  support  means  that  reliability 
and  scalability  can  be  based  on  replicating 
small,  inexpensive  servers.  E-mail  managers 
thinking  of  deploying  Exchange  2010  should 
evaluate  closely  these  new  grid-style  architec¬ 
tural  approaches  —  and  be  sure  that  your 
Exchange  team  has  adequate  time  to  rethink 
and  re-evaluate  commonly  held  beliefs  on 
how  to  build  large  Exchange  networks. 

Snyder  is  a  senior  partner  at  Opus  One,  a 
consulting  firm  in  Tucson,  Ariz.  He  can  be 
reached  at  Joel.Snyder@opusl.com. 


ONLINE:  Slideshow 

Look  through  the  different  aspects  of 
Exchange  2010. 

www.nwdocfinder.com/9639 


What's  next  for  Networx 

Networx  activity  has  grown  in  recent  months. 
In  January  less  than  12%  of  the  inventory  items 
on  FTS  2001  had  been  transitioned  to  Networx, 
GSA  said.  As  of  April  15,  that  number  more  than 
doubled  to  26%,  according  to  GSA. 

In  addition,  several  cabinet-level  agencies  — 
including  the  Social  Security  Administration, 
the  Department  of  Health  and  Human  Services 
and  the  State  Department  —  are  evaluating 
bids  and  plan  to  make  large  Networx  awards 
by  this  summer. 

“Things  have  ramped  up  significantly. .  .in  the 
first  half  of  this  year(  White  says. 

GSA  says  Networx  could  still  reach  $20  bil¬ 
lion  in  sales  by  2017. 

“We  have  every  expectation  that  the  contract 
will  grow,  and  we  don’t  feel  that  number  is  out 
of  whack,”  Krumbholz  says. 

In  the  end,  the  true  measure  of  success  for 
Networx  is  how  much  money  it  saves  the  fed¬ 
eral  government,  not  how  much  money  is 
spent  on  it,  GSA  says.  ■ 
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Onshoring  has  its  benefits 


TECH  UPDATE 

SI  An  inside  look  at  technologies  and  standards 


BY  PAUL  GASPARRO 

The  discussion  about  outsourcing  continues  to  be  an  on-again,off-again 
affair  —  that  is,  onshore  and  offshore.  Certainly  the  basic  value  of  out¬ 
sourcing  has  been  well  documented.  Benefits  range  from  dramatic 
cost  savings  to  reduction  of  inventory  and  allowing  companies  to  focus  on 
core  competencies.  What  is  still  up  for  debate,  however,  is  whether  to  adopt 
an  onshore  or  offshore  approach. 


While  each  approach  has  distinct  merits,  it  is 
instructive  to  examine  specific  outsourcing 
scenarios  to  determine  which  line  of  attack  is 
optimal.  For  example,  if  you  are  a  North  Ameri¬ 
can  company  seeking  to  outsource  develop¬ 
ment  of  a  prototype  for  a  new  high-tech  offer¬ 
ing,  or  software  development  for  a  major 
upgrade,  the  onshore  strategy  is  a  better 
method.  Lets  examine  the  rationale. 

Practical  experience:  Talent  available  on¬ 
shore  is  extensive  in  certain  domains.  For  ex¬ 
ample,  if  you’re  developing  video  games,  the 
United  States  and  Canada  offer  a  wealth  of  ex¬ 
perts.  Or  consider  biotechnology:  the  compe¬ 
tency  of  the  human  capital  in  this  area  is  be¬ 
yond  reproach.  In  fact,  the  availability  of  exper¬ 
tise  in  North  America  for  virtually  any  high- 
tech  sector  —  especially  telecommunications 
and  networking  —  is  unsurpassed. 

The  North  American  professionals  also  know 
how  to  commercialize  that  technology  for  spe¬ 
cific  customers  and  markets. 

Intellectual  property  protection:  Protecting 
intellectual  property  (IP)  is  vital  when  using 
an  outsourcer  to  work  on  a  proprietary  pro¬ 
ject.  Many  countries  abroad  —  most  notably 
in  the  Far  East  —  have  a  reputation  for  not 
fully  observing  copyright  laws  and  legislation 
relating  to  IP  protection.  This  is  a  concern 
when  dealing  with  any  proprietary  informa¬ 
tion;  it  is  magnified  when  the  IP  revolves 
around  a  company’s  core  competency  or 
technology  foundation. 

While  breaches  can  occur  anywhere  in  the 
world,  it  is  less  likely  to  happen  in  the  North 
American  market,  where  the  legislation  is 
stronger  and  enforced  with  far  greater  passion. 

Location,  location,  location:  One  of  the  key 
reasons  why  onshore  outsourcing  is  frequently 
a  better  option  is  proximity  When  your  out¬ 
sourcer  is  only  a  few  hundred  miles  or  even  a 
thousand  miles  away  you  can  hop  on  a  plane 
for  an  in-person  meeting. Taking  a  trip  to  India 
is  neither  convenient  nor  economical,  which 
discourages  the  face-to-face  interaction  that 
can  become  critical  if  a  project  begins  to  veer 
off-course. 

Time  is  a  close  relative  of  distance.  In  North 
America  you  are  never  separated  from  your 
outsourcer  by  more  than  four  time  zones,  so  it 


is  relatively  simple  to  set  up  a  conference  call. 
Now  try  booking  a  call  between  New  York  and 
China.  At  least  one  of  the  parties  will  likely  be 
forced  to  get  up  too  early  or  go  to  bed  too  late. 

Language  barriers:  One  of  the  most  obvious 
quandaries  of  an  offshore  setup  is  the  lan¬ 
guage  issue.  Even  if  an  overseas  outsourcer’s 
key  personnel  speak  English,  they  may  not  be 
versed  in  the  quirky  phrases  and  local  dialects 
that  can  make  English  hard  to  comprehend. 

It’s  been  said  of  America  and  England  that 
they  are  two  countries  separated  by  a  common 
language.  If  a  North  American  company  elects 
to  use  an  overseas  outsourcer,  both  parties  may 
be  speaking  English,  but  from  a  practical  per¬ 
spective,  the  message  could  be  misunder¬ 
stood. 

Design  culture:  Besides  language,  there  is  a 
difference  in  design  cultures  —  the  actual  pro¬ 
duct  development  approach  —  that  can  make 
offshore  outsourcing  less  attractive. 

In  North  America  and  Western  Europe,  there 
is  typically  a  great  deal  of  communication 
between  the  client  and  outsourcer.  For  exam¬ 
ple,  the  marketing  person  might  say“I  think  this 
product  should  be  this  shape.”  An  experienced 
North  American  outsourcer  could  counter 
with, “I  know  you  want  it  to  be  that  shape,  but  if 
it  were  this  shape  it  would  go  faster”  The  inter¬ 
action  results  in  the  highest  quality  and  most 
desirable  outcome. 

In  some  cultures,  particularly  in  the  Far  East, 
the  norm  is  to  develop  what  you  are  told. 
Often,  that  means  plodding  forward  without 
offering  feedback.  Ultimately  this  will  result  in  a 
product  that  meets  the  specifications,  but 
which  does  not  perform  as  the  customer 
expected.  The  creative  pushback  does  not 
occur,  resulting  in  multiple  iterations  that 
increase  project  cost  while  potentially  delay¬ 
ing  product  delivery 

Political/financial  stability:  All  it  takes  is  a 
quick  glance  at  any  newspaper  to  see  the  tur¬ 
moil  around  the  world  —  a  terrorist  attack 
here, a  coup  d’etat  there. What’s  more,  many  for¬ 
eign  countries  are  suffering  through  economic 
crises  that  make  the  current  problems  in  the 
United  States  pale  in  comparison. 

Needless  to  say  these  instances  have  ramifi¬ 
cations  that  are  far  more  worrisome  than  the 


effect  they  might  have  in  the  outsourcing  com¬ 
munity  Still,  these  are  elements  that  must  be 
considered  before  looking  abroad  for  assis¬ 
tance  in  bringing  a  product  to  market.  In  a  re¬ 
search  report  published  by  Black  Book  Re¬ 
search  and  Brown- Wilson  Group,  Canada  ranks 
as  one  of  the  top  10  safest  countries  in  the 
world  to  do  outsourcing.  India  ranked  in  the 
bottom  10. 

Total  project  cost:  From  a  dollar  perspective, 
the  lure  of  offshore  outsourcing  can  be  partic¬ 
ularly  potent.  The  cost  of  labor  in  India,  for 
instance,  may  be  only  40%  to  50%  of  the  going 
rate  in  Canada;  in  China,  it  may  be  as  low  as 
25%  of  that  same  cost. 

However,  the  cost  benefit  has  to  outweigh  all 
the  issues  outlined  above.  And  there  are  often 
hidden  costs.  If  there  are  language  issues,  for 
example,  you  may  have  to  incur  the  cost  of 
interpreter  services. 

The  cost  of  overall  project  management  is 
another  variable  that  must  be  accounted  for. 
Far  less  management  is  typically  required 
when  using  onshore  resources.  But  it  is  even 
more  closely  correlated  to  the  experience  fac¬ 
tor  than  anything  else.  Because  the  offshore 
team  may  be  less  experienced  in  the  specific 
development  or  market  area  the  customer  is 
seeking,  tighter  project  management  and  over¬ 
sight  will  be  required. 

It  should  also  be  noted  that  in  Canada,  R&D 
tax  credits  cut  as  much  as  70%  of  the  cost  of 
developing  technology  This  allows  companies 
to  counter  the  low  labor  costs  that  offshore 
oursourcers  use  as  one  of  their  competitive 
advantages. 

In  the  right  situations  offshore  outsourcing 
makes  sense,  such  as  in  high-volume  manu¬ 
facturing,  product  testing  or  fixing  a  problem 
vs.  creating  a  product  from  scratch.  But  if 
you’re  a  North  American  company  designing 
a  brand-new  product,  creating  a  prototype,  or 
doing  something  that’s  out  of  your  company’s 
primary  area  of  expertise,  you  should  be  look¬ 
ing  at  onshore  very  seriously  With  an  experi¬ 
enced  staff,  close  proximity,  negligible  time  dif¬ 
ference  and  real-time  interaction,  the  discus¬ 
sion  of  onshore  vs.  offshore  should  be  an  open 
and  shut  case. 

Gasparro  is  co-founder  and  vice  president  of 
business  development  for  MapleWorks 
Technology.  He  can  be  reached  at  paul.gaspar- 
ro@map!eworks.  com 


This  vendor-written  tech  primer  has  been 
edited  by  Network  World  to  eliminate  prod¬ 
uct  promotion,  but  readers  should  note  it 
will  likely  favor  the  submitter's  approach. 
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Network  World  Live! 
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1  ■  Value,  value,  value  -  Four  conferences  for  one  fee  in 
the  lowest  cost  venue  in  the  country 
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■  Tight  focus  on  today’s  hottest  technologies  - 

Virtualization,  app  delivery  and  cloud  computing 

■  Actionable  content  -  You’ll  walk  away  knowing  how 
to  get  more  out  of  your  existing  assets 

H-.  Insights  from  leading  visionaries  -  Learn  from  tech’s 
most  respected  thinkers 

5.  The  company  we  keep  -  The  world’s  most  innovative 
companies  will  be  there  as  sponsors 
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i 


at  Synergy  2009  May  4-7,  MGM  Grand,  Las  Vegas 


For  more  information  on  Network  World  Live!  and  Synergy,  go  to 
www.  networkworld .  com/synergy09 . 


Analyzing  Twitter  with  Excel,  Part  3 


For  the  last  two  weeks  I’ve  been  considering 
how  to  analyze  Twitter  messages  using 
Excel  2003.  Having  been  thwarted  by  the 
deficiencies  of  Excel  and  Twitter  (turns  out  that 
Twitter  Search  returns  malformed  HTML  and 
GEARHEAD  Excel  won’t  tolerate  that)  I  have  a  new  plan:  Let’s 
r:  ,  p  ■  u  u  use  cURL  to  retrieve  the  raw  XML  returned  by 

IVI  a  T  K  b  I  D  D  S  Twitter  search  and  haul  that  data  into  Excel. 

CURL  is  a  free  open  source  tool  that  lets  you 
perform  data  transfers  specified  by  URLs  (  I  give  cURL  5  out  of  5).  For 
some  background  on  cURL  check  out  www.nwdocfinder.com/9623. 

I’m  going  to  use  cURL  to  retrieve  the  Twitter  Search  data  for  a  specific 
day  I  can’t  do  this  efficiently  in  Excel  using  XML  Maps  because  once  you 
have  defined  an  XML  source  you  can’t  easily  change  it. You  can  change 
the  XML  Map  URL  through  Visual  Basic  for  Applications,  but  messing 
with  VBA  is  how  people  descend  into  madness. 

That  said, I’m  not  sure  that  madness  isn’t  a  consequence  of  all  software 
engineering  and,  in  this  case,  the  solution  is  going  to  be  ugly  because 
we’re  forcing  weakly  structured  content  to  do  handstands. 

Anyway  I’m  going  to  employ  cURL  to  retrieve  the  content  from  Twitter 
search  using  a  batch  file  (I’ve  wrapped  the  line  below  for  readability  — 
you  should  combine  the  lines  into  a  single  line  with  no  spaces  in  the  text 
between  the  double  quotes): 
curl“http://search.twitter.com/search?q=rovio 
&since=%  l&until=%  l&rpp=100&page=l  ”-o  tweets%  1-1  .htm 
If  the  batch  file  is  called,  say  getrovio.bat,  then  the  command  line  for 
this  request  would  be  of  the  form  “getrovio  2009-04-01  ’’.This  will  get  just 
the  first  page  of  matching  Tweets  for  April  1 , 2009. 

Now  if  the  term  we’re  searching  for  is  really  popular  we’re  going  to 
need  to  run  the  search  multiple  times,  but  here’s  the  problem  — Twitter 


will  return  a  Web  page  even  when  there’s  no  data  so  we  need  to  analyze 
the  content  to  look  for  the  string  “no  results”,  which  is  what  Twitter  will 
report.  So,  we’re  going  to  use  grep  on  the  output  file: 
grep“no  results  for” tweets%l-l.htm 

If  grep  can  make  a  match  it  will  set  the  errorlevel  to  1  while  no  match 
will  result  in  an  errorlevel  of  0. 

Assuming  we  might  need,  say  5,000  results  for  a  really  popular  search 
term,  we  need  to  ensure  we  loop  through  the  curl  and  get  the  Tweets  up 
to  50  times.  Here’s  how  we’ll  do  it  (note  that  I’ve  used  the  environment 
variable ‘counter’ as  the  page  index  and  I’ve  split  the  curl  command  over 
two  lines  for  readability): 

@echo  off 
set  counter=0 
:start 

set  /a  counter+=l 
echo  %counter% 

curl“http://search.twitter.com/search?q=rovio&since=%l&until=%l 
&rpp=  1 00&page=%counter%” -o  tweets%l-%counter%.htm 
grep  “No  results  for”  tweets%l-%counter%.htm 
echo  %errorlevel% 
if  %counter%  =  10  goto  :next 
if  %errorlevel%  =  0  goto  :next 
goto  :start 
:next 

When  we  create  another  batch  file  to  call  the  batch  file  above  and  pro¬ 
vide  a  list  of  dates  we’re  interested  in  we  can  run  it  and  have  a  collec¬ 
tion  of  files  named  ‘tweetsYYYY-MM-DD-N.htm’.  We’ll  do  that  and  start  to 
extract  stats  . . .  next  week. 

Gibbs  can  be  reached  at  gearhead@gibbs.com. 


Sharing  USB  devices  easily 


COOL 


The  scoop:  Four-port  USB  Net  ShareStation 
(model  GUIP204),by  Iogear,  about  $85. 

What  it  is:  This  handy  little  device  is  designed 
to  connect  to  your  home  router  or  a  switch 
(either  wired  or  wireless)  and  as  many  as  four 
different  USB-enabled  devices.  With  the  Share- 
Station  connected  to  the  router,  any 
PC  on  the  home  network  can 
access  those  USB-enabled 
devices  from  anywhere  on  the  network.The  Share- 
Station  supports  USB  printers  (including  multi 
function  printers),  Webcams,  speakers  and 
external  storage  drives. 

Why  it’s  cool:  I’ve  been  looking  for  a  way  to 
share  a  multifunction  printer  that  I  own  with 
multiple  PCs  within  my  home,  and  some  of 
the  network-attached  storage  (NAS)  devices 
that  I’m  testing  won’t  support  the  multifunc¬ 
tion  printers  with  their  print  servers.  With  the 
ShareStation,  it  was  very  easy  to  connect  it  to 
an  open  port  on  my  switch  (connected  to 
my  wireless  router), and  then  attach  the  mul¬ 
tifunction  printer  and  an  external  storage 

drive  to  the  ShareStation.The  real  selling  point  is  that  I  can  work  upstairs 
on  my  notebook  and  wirelessly  print  to  the  multifunction  printer  with¬ 
out  worrying  about  setting  up  the  printer  as  a  network  printer  or  shared 
printer  or  any  of  that  junk.  In  the  eyes  of  my  PC,  the  printer  is  sitting  right 
next  to  me  instead  of  downstairs  next  to  the  router. 

Having  support  for  an  external  storage  drive  also  turns  those  drives 
into  an  inexpensive  NAS  device  —  multiple  users  can  access  the  USB 
drive  for  copying  files  or  backing  up  their  systems.  And  the  support  for 
USB  Webcams  means  you  can  create  a  “security”  system  by  attaching  the 


logear’s 
USB  Net 

ShareStation  lets  you 
connect  your  home  router  to  as 
many  as  four  USB-enabled  devices. 


USB  Webcam  to  the  ShareStation  and  watch  the  camera  from  some¬ 
where  else  on  the  home  network. 

Some  caveats:  The  setup  was  a  bit  wonky  —  I  had  to  install/reinstall 
once  before  the  system  recognized  everything.  In  addition,  each  PC  that 
needs  to  access  the  USB  devices  needs  the  Iogear  client  software  and 
driver  for  the  ShareStation.  In  addition,  they  will  need  any  USB  device 
driver  software, such  as  the  printer  drivers  or  the  USB  Webcam  software,. 

The  other  major  point  is  that  the  system  does  not  support  concurrent 
multiple  users.  If  one  PC  is“connected”to  the  printer, a  second  PC 
cannot  use  that  device  until  the  first  user  “discon¬ 
nects”  .This  is  different  than  a  NAS  box  or  net¬ 
work  printer,  in  which  multiple  users  can 
access  the  device  at  the  same  time.  But  at 
least  this  method  is  easier  to  set  up. 

Also,  there  are  different  methods  for  ac¬ 
cessing  the  ShareStation  depending  on 
whether  you’re  using  a  Windows  XP  or  Vista 
system.  On  XPyou  use  client  software  to  access 
the  device;  on  Vista,  you  have  to  open  the  “net¬ 
work”  window,  then  choose  the  specific  device. 
Disconnecting  from  the  USB  device  on  the 
ShareStation  also  requires  a  few  steps  —  when 
you  disconnect  from  the  hard  drive,  for  example, 
you  have  to  remember  to  do  the  “safely  remove  hardware”  action  in 
Windows  first,  then  access  the  “disconnect”  menu.  Finally  I  would  have 
liked  to  see  Macintosh  support  (at  least  for  the  printer  and  storage 
drive),  so  my  wife’s  Mac  can  access  these  USB  devices  (maybe  a 
firmware  update  will  fix  that,  fingers  crossed). 

Grade:  ★★★★  (out  of  five) 

Shaw  can  be  reached  at  kshaw@nww.com.  Follow  him  on  Twitter  at 
http://twitter.com/shawkeith. 
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Let  the  solution  come  from  above. 


The  MovinCool  CM  12  ceiling-mounted 
packaged  air  conditioning  system. 

•  Quick  &  easy  installation  with  built-in  flanges  and  mounting  brackets 

•  No  special  electric  required  -  1  15V,  15  amps 

•  Easily  fits  into  tight  ceiling  spaces  -  just  1 5.5"  tall 

•  Lower  cost  than  precision  cooling  systems 

•  No  floor  space  needed 

•  13,000  Btu/h  at  95°  60%  RH 

•  MORE  BANG  FOR  YOUR  BUCK  -  saves  you  space,  time  and  costs,  plus 
it's  backed  up  with  one  of  the  best  warranty  coverages  in  the  business 


To  learn  more 
visit  movincool.com 

or  call  800-264-9573 

/VO/INCOOL 

THE  #1  SPOT  COOLING  SOLUTION 

A  DENSO  product 


Classic  and  Classic  Plus  Series 


©  2009  DENSO  Sales  California,  Inc.  MovinCool,  SpotCool  and  Office  Pro  are  registered  trademarks  of  DENSO  Corporation. 


RIDGE  TO 

TERABIT 

ETHERNET 

■40/100Gigabit  Ethernet  products  to  ship  by 
year-end;  terabit  speeds  anticipated  by  2015 


BY  JIM  DUFFY 

IT  managers  who  are  getting  started  with  — 
or  even  pushing  the  limits  of  —  10  Gigabit 
Ethernet  in  their  LANs  and  data  centers  won’t 
have  to  wait  long  for  higher  speed  connectivi¬ 
ty  Pre-standard  40/100G  Ethernet  products  — 
server  network  interface  cards, switch  uplinks 
and  switches  —  are  expected  to  hit  the  mar¬ 
ket  later  this  year.  And  standards-compliant 
products  are  expected  to  ship  in  the  second 
half  of  next  year,  not  long  after  the  expected 
June  2010  ratification  of  the  802.3ba  stan¬ 
dard. 

The  IEEE,  which  began  work  on  the  stan¬ 
dard  in  late  2006,  is  expected  to  define  two 
different  speeds  of  Ethernet  for  two  different 
applications:  40G  for  server  connectivity  and 
100G  for  core  switching. 


Despite  the  economic  slowdown,  global  rev¬ 
enue  for  10G  fixed  Ethernet  switches  doubled 
in  2008,  according  to  Infonetics.  And  there  is 
pent-up  demand  for  40G  and  100G  Ethernet, 
says  John  D’ Ambrosia, chair  of  the  802.3ba  task 
force  in  the  IEEE  and  a  senior  research  scien¬ 
tist  at  Force  10  Networks. 

“There  are  a  number  of  people  already  who 
are  using  link  aggrega¬ 
tion  to  try  and  cre¬ 


ate  pipes  of  that  capacity?’  he  says.  “It’s  not  the 
cleanest  way  to  do  things...  [but]  people 
already  need  that  capacity 
D’Ambrosia  says  even  though  40/100G 
Ethernet  products  haven’t  arrived  yet,  he’s 
thinking  ahead  to  Terabit  Ethernet  standards 
and  products  by  2015.  “We  are  going  to  see  a 
call  for  a  higher  speed  much  sooner  than  we 
saw  the  call  for  this  generation”  of  10/40/100G 
Ethernet,  he  says. 

According  to  the  802. 3ba  task  force,  band¬ 
width  requirements  for  computing  and  core 
networking  applications  are  growing  at  differ¬ 
ent  rates,  which  necessitates  the  definition  of 
two  distinct  data  rates  for  the  next  generation 
of  Ethernet.  Servers,  high-performance  comput¬ 
ing  clusters,  blade  servers,  storage-area  net¬ 
works  and  network-attached  storage  all  make 
use  of  1G  and  10G  Ethernet,  with  10G  growing 
significantly  in  2007  and  2008. 

I/O  bandwidth  projections  for  server  and 
computing  applications,  including  server  traf¬ 
fic  aggregation,  indicate  that  there  will  be  a  sig¬ 
nificant  market  potential  for  a  40G  Ethernet 
interface,  according  to  the  task  force.  Ethernet 
at  40G  will  provide  approximately  the  same 
cost  balance  between  the  LAN  and  the 
attached  stations  as  10G  Ethernet,  the  task 
force  believes. 

Core  networking  applications  have  demon¬ 
strated  the  need  for  bandwidth  beyond  exist¬ 
ing  capabilities  and  beyond  the  projected 
bandwidth  requirements  for  computing  appli¬ 
cations.  Switching,  routing  and  aggregation  in 
data  centers,  internet  exchanges  and  service 
provider  peering  points,  and  high  bandwidth 
applications  such  as  video  on  demand  and 
high-performance  computing,  need  a  100G 
Ethernet  interface,  according  to  the  task  force. 

“Initial  applications  [of  40/100G  Ethernet] 
are  already  showing  up,  in  stacking  and  highly 
aggregated  LAN  links,  but  the  port  counts  are 
low,”  says  George  Zimmerman,  CTO  of 
SolarFlare,  a  maker  of  Ethernet  physical 
layer  devices. 

Zimmerman  says  10G  is  just  now  tak¬ 
ing  off  in  the  access  layer  of  large  net¬ 
works  and  will  eventually  move  to 
the  client  side,  creating  the  need  for 
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40/100G  in  the  distribution  layer  and  the  net¬ 
work  core. 

He  says  the  application  of  100G  Ethernet  in 
the  core  is  imminent,  and  is  about  two  years 
away  in  the  distribution  layer.  “Both  will  be  dri¬ 
ven  by  and  drive  10G  adoption  in  the  access 
and  client  end  of  the  network,  where  today  the 
numbers  are  still  much  smaller  than  the  poten¬ 
tial,”  he  says 

Spec  designed  for  seamless  upgrades 

The  802.3ba  specification  will  conform  to 
the  full-duplex  operating  mode  of  the  IEEE 
802.3  Media  Access  Control  (MAC)  layer, 
according  to  the  task  force.  As  was  the  case  in 
previous  802.3  amendments,  new  physical  lay¬ 
ers  specific  to  either  40Gbps  or  lOOGbps  oper¬ 
ation  will  be  defined. 

By  employing  the  existing  802.3  MAC  proto¬ 
col,  802.3ba  is  intended  to  maintain  full  com¬ 
patibility  with  the  installed  base  of  Ethernet 
nodes,  the  task  force  says.  The  spec  also  is 
expected  to  use  “proven  and  familiar  media,” 
including  optical  fiber,  backplanes  and  copper 
cabling,  and  preserve  existing  network  archi¬ 
tecture,  management  and  software,  in  an  effort 
to  keep  design,  installation  and  maintenance 
costs  at  a  minimum. 

Even  though  the  802.3ba  standard  is  not 
expected  to  be  ratified  until  June  2010,  initial 
interoperability  testing  will  commence  later 
this  year, says  Brad  Booth,  chair  of  the  Ethernet 
Alliance.  Public  demonstrations  will  emerge  in 
2010,  and  certification  testing  will  start  once 
the  standard  is  ratified,  Booth  says 

The  specification  and  formation  of  the 
40/100G  task  force  did  not  come  without  some 
controversy,  however.  Participants  in  the  Higher 
Speed  Study  Group  (HSSG)  within  the  IEEE 
were  divided  on  whether  to  include  40G 
Ethernet  as  part  of  their  charter  or  stay  the 
course  with  100G. 

After  about  a  month,  the  HSSG  agreed  to 
work  on  a  single  standard  that  encompassed 
both  40G  and  100G. 

“In  a  sense,  we  were  a  little  bit  late  with  this,” 
D’Ambrosia  says.“By  our  own  projections,  the 
need  for  100G  was  in  the  2010  timeframe.  We 
should  have  been  done  with  the  100G  (spec) 


probably  in  the  2007-08  timeframe, at  the  latest. 
We  actually  started  it  late,  which  is  going  to 
make  the  push  for  terabit  seem  early  by  com¬ 
parison.  But  when  we  look  at  the  data  forecasts 
that  we’re  seeing,  it  looks  to  be  on  cue.” 

Driving  demand  for  40/100G  Ethernet  are  the 
same  factors  currently  stoking  10G:  data  center 
virtualization  and  storage,  and  high-definition 
videoconferencing  and  medical  imaging. 
Some  vendors  are  building  40/100G  Ethernet 
capabilities  into  their  products  now. 

Vendors  prepare  for  100G 

Cisco’s  Nexus  7000  data  center  switch,  which 
debuted  early  last  year,  is  designed  for  future 
delivery  of  40/100G  Ethernet. 

“We  have  a  little  more  headroom,  which  isn’t 
bad  to  have  when  you  look  at  future  Ethernet 
speed  transitions  coming  in  the  market,”  says 
Doug  Gourlay,  senior  director  of  data  center 
marketing  and  product  management  at  Cisco. 
“We’re  pretty  early  advocates  of  the  100G  effort 
in  the  IEEE.  [But]  the  earliest  you’ll  see  prod¬ 
ucts  from  any  company  that  are  credible  deliv¬ 
eries  and  reasonably  priced:  second  half  of 
2010  onward  for  40/100G.” 

Verizon  Business  last  fall  began  offering  10G 
Ethernet  LAN  and  Ethernet  Virtual  Private  Line 
services  to  customers  in  100  U.S.  metro  mar¬ 
kets.  Verizon  Business  also  offers  “lOG-capable” 
Ethernet  Private  Line  services. 

The  carrier  has  40G  Ethernet  services  on  its 
five-year  road  map  but  no  specific  deployment 
dates,  says  Jeff  Schwartz,  group  manager, 
Global  Ethernet  Product  Marketing.  Instead, 
Verizon  Business  has  more  10G  Ethernet 
access  services  on  tap  for  later  this  year. 

“We  want  to  get  to  100G,”  Schwartz  says.“40G 
may  be  an  intermediary  step.” 

Once  Verizon  Business  moves  its  backbone 
architecture  towards  40/100G,  products  and 
services  will  be  following,  he  says. 

Spirent  Communications,  a  maker  of 
Ethernet  testing  gear,  plans  to  release  a  40G 
Ethernet  testing  module  in  the  second  half  of 
this  year,  and  100G  Ethernet  modules  in  early 
2010,  says  Tim  Jefferson,  general  manager  of 
the  converged  core  solutions  group  at  Spirent. 
Jefferson  says  one  of 


the  caveats  that  users  should  be  aware  of  as 
they  migrate  from  10G  to  40/100G  Ethernet  is 
the  need  to  ensure  precise  clocking  synchro¬ 
nization  between  systems  —  especially 
between  equipment  from  different  vendors. 

Imprecise  clocking  between  systems  at 
40/100G  —  even  at  10G  —  can  increase  laten¬ 
cy  and  packet  loss,  Jefferson  says. 

“This  latency  issue  is  a  bigger  issue  than  most 
people  anticipate,”  he  says.  “At  10G,  especially  at 
high  densities,  the  specs  allow  for  a  little  vari¬ 
ance  for  clocks.  As  you  aggregate  traffic  into 
10G  ports,  just  the  smallest  difference  in  the 
clocks  between  ports  can  cause  high  latency 
and  packet  loss.  At  40G,  it’s  an  order  of  magni¬ 
tude  more  important  than  it  is  for  10G  and  Gig. 

“This  is  a  critical  requirement  in  data  centers 
today  because  a  lot  of  the  innovations  going 
on  with  Ethernet  and  a  lot  of  the  demand  for 
all  these  changes  in  data  centers  are  meant  to 
address  lower  latencies,”  Jefferson  adds. 

Another  challenge  is  readying  the  cabling 
infrastructure  for  40/ 1 00G, experts  say.  Ensuring 
the  appropriate  grade  and  length  of  fiber  is 
essential  to  smooth, seamless  operation. 

“The  big  consideration  is,  what’s  a  customer’s 
cabling  installation  going  to  look  like  and  what 
they’re  looking  for  to  be  able  to  handle  that,” 
Booth  says.  “They  are  probably  going  to  need 
to  have  a  parallel  fiber  capability’ 

“The  recommendations  we’re  making  to  cus¬ 
tomers  on  their  physical  plant  today  are 
designed  to  take  them  from  1G  to  10G;  10G  to 
a  unified  fabric;  and  then  address  future  40G,” 
Cisco’s  Gourlay  says. 

The  proposed  physical  interfaces  (PHY)  for 
40G  Ethernet  include  a  range  to  cover  distances 
inside  the  data  center  up  to  100  meters,  to 
accommodate  a  range  of  server  form  factors, 
including  blade,  rack  and  pedestal,  according  to 
the  Ethernet  Alliance.  The  100G  Ethernet  rate 
will  include  distances  and  media  appropriate 
for  data  center,  as  well  as  service  provider  inter¬ 
connection  for  intra-office  and  interoffice  appli¬ 
cations,  according  to  the  organization. 

The  proposed  PHYs  for  40G  Ethernet  are  1 
meter  backplane,  10  meter  copper  and  100 
meter  multimode  fiber;  and  10  meter  copper, 
100  meter  multimode,  and  10  kilometer  and  40 
kilometer  single-mode  fiber  for 
100G  Ethernet.  ■ 


CLEAR  CHOICE  TEST  ETHERNET  SWITCH 

SQom's  high-end  switch:  A  fast 
green  alternative  to  Cisco 

New  core  switch  tests  show  high  unicast  scalability,  low  power  use 


BY  DAVID  NEWMAN,  NETWORK  WORLD  TEST  ALLIANCE 

Com  says  it  has  an  alternative  for  network  managers  considering 
high-end  switches  from  Cisco  and  others.  Our  exclusive  Clear 
Choice  test  of  its  new  core  switch  backs  up  3Com's  claim.  This 
chassis-based,  288-port  device  delivered  line-rate  throughput  in 
all  performance  tests,  supported  more  Open  Shortest  Path  First  (OSPF) 
routing  sessions  than  we've  ever  set  up  and  consumed  remarkably  little 
power. 

While  the  device  we  tested  doesn't  have  all  the  features  of  some  com¬ 
petitors  (for  example, the  switch  doesn't  yet  support  hitless  upgrades), its 
strong  performance  and  low  power  consumption  make  it  a  viable 
option  for  large  and  midsize  organizations  in  the  market  for  core  and 
aggregation  switches. 

One  switch,  two  names 

3Com  sells  the  system  we  tested  under  two  names:  the  3Com  S7906E 
and  the  H3C  S7506E.That's  kind  of  a  mouthful,  so  we'll  refer  to  this  sys¬ 
tem  as  the  “3Com/H3C  switch”  going  forward.  (3Com  became  sole 
owner  of  H3C  after  buying  Huawei's  share  of  the  former  joint  venture  a 
couple  of  years  ago.  See  story  at  www.nwdocfinder.com/9523.) 

3Com  supplied  a  chassis  with  six  line  cards,  each  with  48  gigabit 
Ethernet  ports  that  use  SFP  transceivers  for  copper  or  fiber.  The  compa¬ 
ny  says  it  is  developing  less  costly  gigabit  Ethernet  cards  with  integrated 
copper  transceivers.  It  already  ships  larger  (lOslot)  and  smaller  (two- 
and  three-slot)  versions  of  the  same  switch.  In  3Com's  terminology  the 
slot  counts  refer  to  the  number  available  for  line  cards;  each  chassis  has 
two  additional  slots  for  redundant  management  modules. 

The  chassis  3Com  supplied  scales  up  to  288  gigabit  Ethernet  ports, 
but  only  16  10G  Ethernet  ports.  While  the  gigabit  port  count  is  rela¬ 
tively  high,  the  10G  Ethernet  number  is  not.  Competing  Cisco  Catalyst 
6509  and  Nexus  7010  switches  house  up  to  130  and  256  lOG-Ethernet 
cards,  respectively,  in  similar  configurations  with  dual  fabric  cards. 

3Com's  competitors  may  claim  the  lower  10G  Ethernet  port  density 
“proves”  this  is  a  smaller  switch  than  some  of  its  rivals,  but  results  from 
our  unicast  performance  tests  don't  support  that  conclusion:  A 
3Com/H3C  chassis  fully  loaded  with  gigabit  ports  moved  mid-  and 
large-size  frames  only  slightly  slower  than  a  Cisco  Catalyst  6509  fully 
loaded  with  10G  Ethernet  ports,  and  went  faster  than  the  Cisco  box 
with  short  frames.  While  there  are  some  apples-to-oranges  problems 
with  this  comparison  (the  tests  were  done  at  different  times,  for 
starters),  it's  not  automatically  the  case  that  lower  density  means 
lower  performance. 

We  also  asked  3Com  to  complete  an  extensive  features  question¬ 
naire  as  part  of  our  features  evaluation  (see  3Com  features  chart  at 
www.nwdocfinder.com/9525.)  While  we  didn't  verify  every  response 
on  the  questionnaire,  we  did  validate  that  the  system  supports  virtual¬ 
ly  all  major  switching,  routing  and  management  protocols. 

One  drawback  is  that  the  3Com/H3C  switch  doesn't  support  hitless 
upgrades  and  downgrades  of  software  images,  a  key  feature  support¬ 
ed  in  some  competing  switches.  The  vendor  says  it's  working  on  a 
release  that  will  add  this  capability  later  this  year. 

On  the  seventh  test  we  rested 

We  tested  the  3Com/H3C  switch/router  six  ways,  covering  Layer  2  and 
Layer  3  performance,  power  consumption,  features,  manageability  and 
usability  (see  “How  we  did  it”  at  www.nwdocfinder.com/9524).  We  also 
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Product  3Com  S7900E/H3C  S7500E 

Vendor  3Com 

www.3com.com 

Price  $243,090  as  tested  (288  gigabit  Ethernet  ports; 

dual  management  modules  and  power  supplies) 

Pros  Outstanding  Layer  2  and  Layer  3  unicast  scala¬ 
bility  and  performance;  low  power  consumption. 

Cons  Lower  10G  Ethernet  density  than  competing 

products;  no  hitless  upgrade  support  yet;  multi¬ 
cast  doesn't  scale  as  high  as  competing  prod¬ 
ucts. 


Score  4.28 


SCORECARD 


Action 

Weight 

Layer-2  unicast  performance 

20% 

5.0 

Layer-3  unicast  performance 

20% 

5.0 

Layer-3  multicast  performance 

20% 

3.0 

Power  consumption 

15% 

5.0 

Features 

15% 

3.5 

Switch  management  and  usability 

10% 

4 

Total  score 

4.28 

Scoring  key:  5:  Exceptional;  4:  Very  good;  3:  Average;  2:  Below  average;  1: 

Subpar  or  not  available. 

planned  a  seventh  test,  measuring  Layer  2  performance  between  a  pair 
of  10G  Ethernet  ports,  but  time  constraints  prevented  us  from  complet¬ 
ing  that  event. 

In  Layer  2  unicast  testing,  we  usually  configure  a  Spirent  TestCenter  traf¬ 
fic  generator/analyzer  to  emulate  one  or  more  hosts  on  each  port,  and 
then  measure  how  fast  the  switch  forwards  frames  between  each  port 
(throughput)  and  how  long  it  takes  for  each  frame  to  arrive  (latency). 

That's  what  we  did  here,  but  with  a  twist:  We  configured  Spirent 
TestCenter  to  900  unique  media  access  control  (MAC)  addresses  on 
each  port,  for  a  staggering  259,200  unique  addresses  and  more  than  74 
million  flows. 

That's  an  enormous  number  of  MAC  addresses. While  no  sane  network 
architect  would  design  a  single  flat  Layer  2  network  supporting  even 
l/20th  that  many  hosts,  scalability  to  such  high  levels  is  important  for  a 
core  switch.  It's  possible  that  a  switch  configured  with  hundreds  or  thou- 

See  3Com,  page  28 
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continued  from  page  26 

sands  of  virtual  LANs  might  need  to  learn  tens  or  even  hundreds  of  thou¬ 
sands  of  MAC  addresses,  as  the  3Com/H3C  device  did  here. 

The  switch  proved  highly  scalable  in  terms  of  Layer  2  data-plane  for¬ 
warding.  Regardless  of  frame  size  -  from  short  64-byte  frames  to  9,216- 
byte  jumbo  frames  —  the  switch  delivered  line-rate  throughput  in  all 
tests  involving  a  fully  meshed  pattern  between  all  288  gigabit  Ethernet 
ports  (see  table  below). 

Average  and  maximum  latency  —  key  metrics  for  real-time  applica¬ 
tions  involving  voice  and  video  —  were  also  remarkably  low  and  con¬ 
sistent.  For  example,  average  latency  with  64-byte  frames  was  around  6.5 
microsec.  That's  around  half  the  number  we  measured  with  Cisco's 
Catalyst  6509  using  10G  Ethernet  interfaces,  not  gigabit,  and  running  at 
10%  of  line  rate  (both  factors  that  should  result  in  significantly  lower 
latency).  Further,  maximum  latencies  were  not  far  above  the  averages, 
suggesting  the  3Com/H3C  switch  keeps  jitter  (delay  variation)  to  a  min¬ 
imum,  offering  more  protection  for  real-time  applications. 

In  assessing  Layer  3  scalability  we  measured  results  both  at  the  control 
plane  —  in  terms  of  the  number  of  Open  Shortest  Path  First  (OSPF)  ses¬ 
sions  and  the  number  of  routes  per  session  —  and  at  the  data  plane,  as 
in  our  Layer  2  tests.  The  control-plane  numbers  were  staggering:  We 
brought  up  288  adjacencies  (OSPF-speak  for  "session")  and  advertised 
more  than  200,000  routes  before  sending  traffic  to  all  routes. 

To  get  a  sense  of  the  scale  of  these  numbers,  consider  that  the  largest 
service  provider  networks  might  build  OSPF  databases  comprised  of 
50,000  or  fewer  networks.  For  even  large  enterprises  the  typical  routing 
table  is  far  smaller,  usually  on  the  order  of  hundreds  to  thousands  of 

3Com  core  switch  performance  test  results 

The  vchassis-based,  288-port  device  —  marketed  under  two 


routes.  Also,  the  288  concurrent  OSPF  sessions  represent  the  largest  scale 
Network  World  has  attempted  in  any  test  published. 

As  in  the  layer-2  assessment,  the  3Com/H3C  device  again  passed  all 
tests  with  flying  colors.  Throughput  across  288  ports  was  line  rate  for 
64-,  256-,  1,518-  and  9,216-byte  frames,  even  though  the  switch/router  had 
to  contend  with  simultaneous  data-plane  traffic  (always  offered  at  line 
rate  on  all  ports)  and  higher-priority  control-plane  traffic  (the  OSPF  mes¬ 
sages  that  must  get  through  for  routing  to  work). 

Some  buffering  is  necessary  for  the  switch/router  to  forward  both  data- 
and  control-plane  traffic  at  line  rate,  and  that  showed  up  in  the  latency 
results.  Average  latency  was  between  two  and  seven  times  higher  than  in 
the  Layer  2  unicast  tests,  depending  on  frame  size. 

That's  not  surprising  given  the  contention  between  test  traffic  and 
OSPF  packets  at  line  rate,  but  not  necessarily  a  cause  for  concern.  The 
latencies  again  compare  favorably  with  those  from  tests  of  large  Cisco 
switch/routers  (even  though  we  tested  the  Cisco  boxes  with  10G  inter¬ 
faces  and  measured  delay  at  10%  of  line  rate,  both  factors  that  should 
have  favored  the  Cisco  switch). 

Moving  multicast 

The  3Com/H3C  turned  in  perfect  multicast  data-plane  numbers. 
However,  multicast  control-plane  scalability  is  one  area  where  Cisco 
retains  an  edge  over  the  3Com/H3C  device. 

A  key  metric,  besides  throughput  and  latency  is  mroute  capacity  or  the 
number  of  source/group  combinations  a  device  can  support.  This  is 
especially  important  for  videoconferencing  or  streaming  quote  services, 
where  multicast  may  be  used  to  carry  messages  among  thousands  of 
users. 

In  layer-3  multicast  tests  of  Cisco's  Catalyst  6509  and  Nexus  7010,  we've 
tested  with  10,000  mroutes,  using  a  combination  of  200 
groups  with  50  transmitters  each.  In  contrast,  the  limit  of  the 
3Com/H3C  device  is  4,096  mroutes.  That's  more  than 
enough  for  small  and  midsize  enterprises,  and  3Com  says  it 
has  larger  systems  under  development, but  it  is  a  lower  ceil¬ 
ing  than  the  competing  Cisco  devices  we've  tested. 

The  3Com/H3C  device  also  limits  the  amount  of  multicast 
replication  to  any  combination  of  groups  times  receiver 
ports  that  totals  4,096.  We  haven't  hit  a  similar  limit  in  test¬ 
ing  other  core  switches. 

On  the  other  hand,  the  3Com/H3C  switch  once  again 
replicated  all  multicast  traffic  at  line  rate.  As  in  the  Layer  2 
and  3  unicast  tests,  the  device  never  dropped  a  frame  in 
any  of  our  multicast  tests.  Average  and  maximum  latencies 
were  significantly  higher  than  in  the  unicast  tests,  but  in  line 
with  most  other  switches  and  routers  we've  tested,  and  the 
numbers  involved  are  not  high  enough  to  degrade  applica¬ 
tion  performance. 


different  names,  the  3Com  S7906E  and  the  H3C  S7506E  —  delivered 
line-rate  throughput  in  all  performance  tests,  supported  more  OSPF 
routing  sessions  than  we’ve  measured  before  and  consumed  very  little 
power. 

H  Layer  2  unicast  testing  (288  gigabit  Ethernet  ports,  259,200  MAC  addresses) 


Frame  length 
(bytes) 

Thereotical 
maximum  (fps) 

Throughput 

(Ijps) 

Minimum 
latency  (usee) 

Average 
latency  (usee) 

Maximum 
latency  (usee) 

64 

428,571,429 

428,571,429 

2.74 

6.53 

9.50 

256 

130,434,783 

130,434,783 

2.49 

7.93 

12.69 

1,518 

23,407,022 

23,407,022 

2.50 

19.89 

33.86 

9,216 

3,897,791 

3,897,791 

2.50 

93.79 

175.93 

■  Layer  3  unicast  testing  (288  OSPF  adjacencies,  259,200  summary  link  state  advertisements) 


Frame  length 
(bytes) 

Thereotical 
maximum  (fps) 

Throughput 

(fps) 

Minimum 
latency  (usee) 

Average 
latency  (usee) 

Maximum 
latency  (usee) 

64 

428,571,429 

428,571,429 

2.79 

12.86 

192.32 

256 

130,434,783 

130,434,783 

2.53 

41.45 

279.57 

1,518 

23,407,022 

23,407,022 

2.46 

137.38 

399.24 

9,216 

3,897,791 

3,897,791 

2.48 

322.26 

633.18 

■  Layer  3  multicast  testing  (16  IGMPv3  groups,  48  transmitters/group,  240  receivers) 


Frame  length 
(bytes) 

Thereotical 
maximum  (fps) 

Throughput 

(fps) 

Minimum 
latency  (usee) 

Average 
latency  (usee) 

Maximum 
latency  (usee) 

64 

357,085,747 

357,085,747 

5.69 

22.05 

38.74 

256 

108,678,298 

108,678,298 

7.22 

59.60 

112.38 

1,518 

19,502,746 

19,502,746 

18.83 

308.38 

598.55 

9,216 

3,247,642 

3,247,642 

89.80 

1,826.57 

3,564.02 

Going  green 

Our  results  validate  3Com's  claim  that  low  power  con¬ 
sumption  is  a  key  differentiator  for  the  3Com/H3C  device. 
We  measured  power  usage  three  ways:  When  the  switch 
was  idle  (but  with  cables  connected  to  all  288  gigabit 
Ethernet  SFPs);  when  the  switch  forwarded  traffic  across 
all  ports  at  line  rate,  as  in  the  OSPF  tests;  and  when  the 
switch  forwarded  traffic  with  an  IP  option,  field  set  in 
every  packet  (thus  forcing  traffic  up  to  the  CPU  in  the 
switch's  management  module). 

Total  power  consumption  when  idle  was  927  watts,  but 
jumped  25%,  to  1,159  watts,  when  we  offered  data-plane 
traffic  at  line  rate.  With  IP  options  set,  consumption  was 
slightly  lower,  at  1,101  watts,  probably  because  this  test 
exercised  the  management  module's  CPU  far  more  than 
switching  silicon  on  each  line  card. 

While  we  don't  have  direct  comparisons  with  other 
chassis-based  switches  to  report,  there  is  anecdotal  evi¬ 
dence  that  competing  switches  consume  3,000  watts  or 
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more  in  similar  configura¬ 
tions. 

Further,  3Com  supplied  line 
cards  that  use  external  copper 
or  fiber  transceivers.  These 
probably  consume  more 
power  than  gigabit  line  cards 
with  integrated  copper  trans¬ 
ceivers;  3Com  says  such  cards 
are  due  for  release  later  in  the 
year. 


The  3Com/H3C  chassis-based 
switch  supplied  for  testing 
scales  up  to  288  gigabit 
Ethernet  ports,  but  only  16 
10G  Ethernet  ports. 


Manageability  and  usability 

For  many  network  man¬ 
agers,  ease  of  use  and  support 
for  various  management 
methods  is  at  least  as  impor¬ 
tant  a  consideration  as  high 
performance.  We  assessed 
these  areas  by  determining 
what  management  methods 
the  switch  supports,  as  well  as 
noting  subjective  observa¬ 
tions  about  ease  of  use  in  the 
course  of  setting  up  the  per¬ 
formance  tests. 

3Com  does  not  attempt  to  clone  the  10S  command-line  interface,  as 
some  other  Cisco  competitors  do.  Instead,  the  switch  uses  a  relatively 
simple  hierarchical  interface  with  executive  and  configuration 
modes.  The  interface  was  easy  to  navigate.  Context-sensitive  help  is 
available  for  all  commands,  and  command  syntax  is  uniform  at  least 
for  the  various  operations  we  tried. 

In  terms  of  management  methods,  only  HTTP  and  Secure-HTTP  are 
enabled  by  default.  Both  require  the  prior  creation  of  a  username  and 
password  to  grant  access. 

All  other  management  methods  —  including  SSH,  telnet  and  the  var¬ 
ious  versions  of  SNMP  —  must  be  enabled  by  the  user.  Note  that 
enabling  SSH  turns  on  a  server  that  supports  both  versions  of  the  pro¬ 
tocol.  A  second  command  is  required  to  disable  Version  1,  which  has 
known  security  vulnerabilities.  IOS  in  Cisco  Catalyst  switches  works 
the  same  way  and  requires  a  second  command  to  disable  SSHvl. 

The  3Com/H3C  switch  may  not  offer  100%  of  the  features  of  com¬ 
peting  high-end  switches  from  Cisco  and  others.  But  in  most  areas  it 
delivers  excellent  performance  while  drawing  remarkably  low  power. 
3Com,  long  absent  from  the  high-end  enterprise  networking  market  in 
North  America,  is  back  with  a  credible  enterprise  switch. 


Newman  is  president  of  Network  Test,  a  benchmarking  and  network 
design  consultancy.  He  can  be  reached  at  dnewman@networktest.com. 
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upcoming  RSA  security  conference  advocating  a  set  of  security  stan¬ 
dards  for  use  in  the  cloud  market.  Ideally  security  will  be  built  into  every 
application,  and  portability  of  applications  across  clouds  is  also  impor¬ 
tant,  Boehme  and  the  alliance  say 

If  clouds  are  interoperable,  customers  can  at  least  move  an  applica¬ 
tion  from  one  to  another  in  case  of  failure,  the  alliance  notes  on  its  Web 
site.“Businesses  using  the  cloud  should  be  prepared  for  the  worst”  the 
group  says. 

But  that  doesn’t  mean  avoiding  the  cloud  makes  sense,  either, 
Boehme  notes.  ING  already  uses  a  mix  of  data  centers  operated  by  its 
own  staff  and  data  centers  operated  by  third  parties,  he  says.  Cloud 
computing  typically  uses  a  multi-tenant,  rather  than  single-tenant  archi¬ 
tecture, but  that  doesn’t  make  it  completely  new  and  unfamiliar, he  says. 

Boehme  has  been  with  ING  since  August  2008,  but  has  more  than  two 
decades  of  experience  including  stints  as  the  CIO  of  Juniper  Networks, 
Sage  Software,  and  GE.  Boehme  recalls  using  the  IBM  mainframe  Time 
Sharing  Option  earlier  in  his  career,  a  feature  that  gives  users  concurrent 
access  to  the  mainframe  while  making  it  appear  to  each  user  that  no 
one  else  is  on  the  system.“I  didn’t  know  who  was  on  that  mainframe,” 
Boehme  says.“But  the  security  infrastructure,  and  the  risk  management 
was  already  built  into  that.” 

Cloud  computing  isn’t  as  sophisticated  as  the  decades-old  mainframe 
technology,  but  Boehme  is  expecting  great  things.  He  predicts  compa¬ 
nies  to  use  a  mix  of  external  cloud  providers  as  well  as  so-called  private 
clouds,  with  applications  being  portable  across  all  platforms. 

“We  don’t  believe  you  will  see  anybody  participate  with  a  single  pro¬ 
vider,”  he  says.  “We  think  you  will  have  multiple  providers,  internal 
clouds,  external  clouds,  hybrid  clouds. ...  We  like  the  concepts  and  the 
flexibility  that  this  provides.  We  believe  this  is  as  big  as  the  Web  was  in 
2000.”  ■ 
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continued  from  page  12 

And  if  the  multitude  of  sessions  at  RSA  isn’t  enough,  the  Jericho 
Forum,  a  user-based  advocacy  organization  dedicated  to  driving 
improvements  to  security  for  e-commerce,  will  be  holding  its  own 
mini-conference  at  a  location  within  walking  distance. 

The  Jericho  Forum  will  be  putting  its  spin  on  the  security  of  cloud 
computing  with  the  perhaps  surprising  belief  that  using  a  cloud  can  be 
more  secure  than  running  applications  and  databases  out  of  corporate 
data  centers. 

The  Jericho  Forum  doesn’t  believe  that  is  the  case  today  but  the 
potential  for  that  level  of  security  exists  and  should  be  pursued,  says 
Adrian  Seccombe,  a  member  of  the  Jericho  Forum  Board  of 
Management. 

Working  on  a  secure  architecture  while  cloud  services  are  still  evolv¬ 
ing  is  key,  he  says;  security  can’t  be  added  later  and  be  effective. 

Essential  to  that  architecture  is  the  ability  to  wrap  data  up  as  objects 
that  can  be  assigned  a  security  value.  Access  to  and  treatment  of  these 
objects  would  depend  on  the  objects  themselves  rather  than  cloud 
infrastructure,  Seccombe  says. “The  data  knows  who  it  should  operate 
with,”  he  says. 

The  conference  will  kick  off  Monday  with  a  few  focused  tutorials, 
one  being  with  the  Trusted  Computing  Group  (TCG),an  industry  orga¬ 
nization  that  has  designed  several  security  specifications  intended  for 
use  across  vendor  boundaries. 

One  of  TCG’s  most  important  efforts  has  been  the  Trusted  Platform 
Module  (TPM)  for  hardware-based  encryption  capabilities.  Joe  Mc- 
Ginley  manager  of  global  software  security  architecture  at  Diebold,  a 
maker  of  Automated  Teller  Machines,  will  be  on  hand  to  describe  how 
Diebold  has  added  TCG’s  Trusted  Platform  Module,  used  with  Wave 
Technologies  management  software,  for  public-key  encryption  secur¬ 
ity  in  automated  teller  machines.B 
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Less  freedom  in 

Last  week’s  column  on  the  Internet  Kill 
Switch  generated  a  lot  of  feedback  (vote 
on  whether  the  president  should  have  a 
kill  switch  at  www.nwdocfinder.com/9631). 

I  need  to  clear  up  one  thing:  I  wasn’t  suggest¬ 
ing  right-wingers  were  behind  the  bill.  What  I 
was  suggesting  was  hardcore  right-wingers 
would  likely  be  in  favor  of  the  bill. The  fact  that 
known  liberals,  one  of  them  Democrat  and  the 
other  Republican,  are  the  source  of  the  bill  is  bizarre  to  say  the  least. 

Reader  Anon  asked, “It  all  hinges  on  the  definition  of ‘United  States 
critical  infrastructure  information  system  or  network’ ,  doesn’t  it?” 

Reader  Alex  Breeding  is  well  versed  on  that  topic  having  authored  a 
paper  for  the  SANS  Institute  that,  in  part,  delved  into  what  the  govern¬ 
ment  defines  as  critical  infrastructure.  He  concludes  that  it  covers  just 
about  everything  that  matters:  roads,  food  production,  health  services, 
police  and  fire  departments  ...  the  list  is  long  and  comprehensive. 

Anon’s  brother,  curiously  also  called  Anon,  opined  that  such  a  broad 
definition  of  critical  infrastructure  exists  “perhaps  to  make  the  area  of 
influence  as  wide  as  imaginable. Total  government  control  as  in  Soviet 
Russia.  Concentration  camps  may  not  be  necessary  just  shut  down  the 
colo  [and  the]  traffic  and  you  can  kill  opposition/competition  forever!’ 

A  good  friend,  also  preferring  to  be  called  “Anon”,  pointed  out  a  pos¬ 
sible  reason  for  this  ostensibly  ridiculous  bill  being  “kited”:  it’s  a  way  of 
softening  up  public  perception  so  when  there’s  a  need  to  curtail  spe¬ 
cific  Internet-mediated  communications  it  can  be  pitched  as  being  in 
the  national  interest  and  nobody  will  be  surprised. 

Anon  theorizes  that,  should  there  be,  for  example,  the  beginnings  of 
a  serious  run  on  the  dollar,  then  shutting  down  “critical  infrastructure” 
(which  would  include  the  banks  and  financial  institutions)  would 


the  new  digital  world? 

allow  the  government  breathing  room  by  stopping  transactions  from 
being  cleared.  He  refers  to  this  shutdown  as  “the  Big  404”  because 
your  bank,  your  broker  and  all  of  the  other  financial  services  you  deal 
with  would  suddenly  not  be  available  for  a  day  or  two  while  the  feds 
implement  a  control  strategy 

Sound  far-fetched?  Well,  maybe  not  so  much  when  you  consider 
other  governmental  scheming  that’s  afoot.  For  a  start  there’s  the  Anti- 
Counterfeiting  Trade  Agreement  (ACTA). The  negotiations  for  this 
international  trade  agreement  between  the  G8  and  others  countries 
have  been  underway  mostly  in  secret  since  2007! 

According  to  a  report  in  the  London  Telegraph  last  year,  ACTA  would 
permit  “IFbds,  mobile  phones  and  laptops  [to]  be  examined  by  airport 
customs  officials  for  illegal  downloads”  without  customs  having  cause. 
Until  ACTA  is  ratified  we  won’t  know  what  is  actually  being  agreed  to 
and  by  then  it  will  be  too  late.  What  happened  to  transparency? 

Or  how  about  the  Obama  administration’s  position  on  warrantless 
wiretapping?  In  a  motion  asking  the  court  to  dismiss  the  Electronic 
Frontier  Foundation’s  case  against  the  NSA,the  administration  is 
claiming  that  not  only  is  the  whole  program  a  state  secret  but  that  the 
government  is  immune  to  litigation  for  what  it  has  done. 

As  the  EFF  points  out,  the  then-Sen.  Obama  lamented  on  the  cam¬ 
paign  trail  that  the  Bush  Administration  “invoked  a  legal  tool  known  as 
the  ‘state  secrets’  privilege  more  than  any  other  previous  administra¬ 
tion  to  get  cases  thrown  out  of  civil  court.” 

A  jaded, suspicious  person  might  conclude  from  all  of  this  scheming 
and  opacity  that  when  it  comes  to  technology  the  government  is  in 
the  process  of  assuming  greater  authority  and  softening  us  up  for  a 
brave  new  digital  world  where  we  have  a  lot  less  freedom. 

Express  your  own  ennui  to  backspin@gibbs.com. 
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3  fact-checkers 

turned  independent;  she’s  a  Canadian  who  cannot  vote. 

From  FactCheck.org:  “We  checked  online  to  see  if  (David  Mikkelson) 
had  given  money  to  any  federal  candidates,  and  nothing  turned  up. 
Mikkelson  even  faxed  us  a  copy  of  his  voter  registration  form.  He  asked 
us  not  to  post  an  image  of  it,  but  we  can  confirm  that  it  shows  he 
declined  to  state  a  party  affiliation  when  he  registered  last  year,  and 
also  that  when  he  registered  in  2000  he  did  so  as  a  Republican. 

“Do  the  Snopes.com  articles  reveal  a  political  bias?  We  reviewed  a 
sampling  of  their  political  offerings,  including  some  on  rumors  about 
George  W  Bush,  Sarah  Palin  and  Barack  Obama,  and  we  found  them 
to  be  utterly  poker-faced.  David  does  say  that  the  site  receives  more 
complaints  that  it  is  too  liberal  than  that  it  is  too  conservative. 
Nevertheless,  he  says, ‘We  apply  the  same  debunking  standards  to 
both  sides!” 

Of  course,  the  reason  Snopes.com  is  more  often  accused  of  bias  by 
conservatives  than  by  liberals  is  that  facts  have  a  notoriously  liberal 
bias. 

The  FactCheck  fact  checkers  found  plenty  of  evidence  that  the 
Mikkelsons  are  serious  if  not  obsessive  researchers,  not  exactly  a  revela¬ 
tion  to  fans  of  the  site,  such  as  yours  truly  As  for  hiding  their  identities, 
the  first  of  countless  press  mentions  of  Snopes  dates  back  to  a  1995 
article  in  the  Los  Angeles  Times  that  named  David  Mikkelson. 

Bottom  line:You  can  go  on  trusting  Snopes.com  as  much  as  you’d 
trust  any  other  source  of  information  on  the  Internet  (and,  no,  that’s  not 
meant  to  be  back-handed). 

Incidentally  the  Mikkelsons  make  no  claim  to  infallibility  and  insist 
that  their  highest  objective  is  to  help  convince  people  to  think  critically 
about  what  they  hear  and  read  . . .  and  to  do  their  own  fact  checking. 

Because  you  never  know  when  Oprah  might  really  give  away  a  mil¬ 
lion  dollars. 

Comments  and  scurrilous  rumors  should  be  sent  to  buzz@nww.com. 
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[hat’s  your  first  thought  when  someone 
spreads  an  e-mail  around  the  office 
claiming  that  Oprah  is  giving  away  a  mil¬ 
lion  bucks  or  that  your  penny-pinching  state 
will  no  longer  send  out  reminders  about  dri¬ 
ver’s  license  renewals? 

Right:  Better  check  Snopes.com  to  see  if 
these  things  are  true.  (The  first  is  not;  the  sec¬ 
ond  is  if  you  live  in  Massachusetts.) 

Established  in  1995,  Snopes  has  long  been  the 
go-to  Web  site  for  running  a  rumor  through  the  nonsense-detector,  and 
its  proprietors,  David  and  Barbara  Mikkelson,  have  assumed  an  almost 
mythic  stature  as  the  most  authoritative  discoverers  of  truth  and  falsity 
online. 

But  who’s  checking  the  fact  checkers? 

Recently  it  was  a  similar  but  more  narrowly  focused  outfit, 
FactCheck.org,  which  is  funded  by  the  Annenberg  Foundation  and 
describes  itself  as  “a  nonpartisan,  nonprofit  consumer  advocate  for  vot¬ 
ers  that  aims  to  reduce  the  level  of  deception  and  confusion  in  U.S. 
politics.”  (Why  not  try  something  easier  first,  like  say  peace  in  the 
Middle  East?) 

Here’s  the  essence  of  a  chain  e-mail  that  FactCheck.org  decided  to 
fact  check:  Is  Snopes.com  run  by  a  “very  Democratic”  duo  who  long 
hid  their  true  identities,  rarely  do  any  real  research,  and  blatantly  fabri¬ 
cated  a  tale  about  a  State  Farm  Insurance  agent  just  because  he  pub¬ 
licly  opposed  the  election  of  President  Obama? 

No,  no,  no  and  no  were  the  conclusions.  Employing  that  age-old 
reporter’s  trick  of  contacting  the  primary  source  —  in  this  case,  State 
Farm  —  FactCheck.org  was  able  to  confirm  that, yes,  the  insurance 
giant  had  asked  the  agent  to  stop  using  its  brand  name  as  his  political 
soapbox.The  group  could  find  no  evidence  of  political  contributions 
or  activism  on  the  part  of  the  Mikkelsons  —  he’s  a  former  Republican 


Xeon 


inside 


mm  m 


Powerful. 

Intelligent. 


/A . 

'For  complete  details,  go  to  wwwiibTn.com/green/disclaimer,  IBM.  the  IBM  logq,  Jlpchi,p6m:,ah^  BbdeCehter  are  tractefnarks  of.  International  Business  Machines  Corporation,  registered 
many  jurisdictions  worldwide.  A  current  list  of  IBM  trademarks  is  available  on  the  Web  at ' trademark  information'  at  www  ibm.com/legal/copytrade.shtml.  Intel  tho  |n‘ 
Logo,  Xeon  and  Xeon  Inside  are  trademarks  or  registered  trademarks  of  Intel  Corporation  in  the  United  States  and  other  countries.  (&  2009  IBM  Corporation.  All  rights  reserved. 


in 

the  Intel 


19  IBM  Corporation.  All  rights  r 
I  ill  If fl !  i  I  ( ■'  / 1  -■  f :  r  ••  j  1 

///  I 


IlUiHUU 


The  inefficiency,  complexity  and  rising  energy  costs  of  twentieth-century 
datacenters  simply  can’t  support  the  demands  of  twenty-first-century 
business.  The  IBM  BladeCenter®HS22  with  Intel®  Xeon®  Processor  5500 
Series  can  improve  the  economics  of  your  datacenter  by  using  up  to 
95%  less  space  and  90%  less  energy  than  competitive  rack  servers 
deployed  3  years  ago,  all  without  sacrificing  performance!  A  greener 
world  starts  with  greener  business.  Greener  business  starts  with  IBM. 


SYSTEMS.  SOFTWARE.  SERVICES.  FOR  A  GREENER  WORLD. 

Learn  how  to  improve  performance  and  costs  at  ibm.com/green/bladecenter 
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With  NetApp  at  the  heart  of  your  business,  you  can 


and  bring  breakthrough  ideas  to  market  faster. 


Leave  your  competition  behind.  Because  with  NetApp,  you  can  provision,  test,  and  deploy  new  applications 
i  days  instead  of  months,  keeping  your  business  a  step  ahead.  What’s  more,  you’ll  love  the  commitment  of  our 
team  of  experts  who  share  your  drive  and  winning  vision.  Learn  how  our  storage  and  data  management 
solutions  can  help  your  business  go  further,  faster.  Visit  netapp.com/breakthrough. 
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